How to make your team unhappy

The smallest of your actions can have a big impact on your staff – whether positive or negative. Look carefully

before you step.| PAGE 20

MAKE YOUR TEAM

The smallest of your actions can have a big impact on your staff – whetherThe smallest of your actions can have a big impact on your staff – whetherThe smallest of your actions can have

positive or negative.a big impact on your staff – whetherpositive or negative.a big impact on your staff – whether

MAKE

Getting InSHAPEPAGE 16PAGE 13

BEST OF BREED

Road toINFORMATION MANAGEMENTPAGE 40

NO HOLDS BARRED

AlteringEconomics ofCYBERSECURITYPAGE 12

A QUESTION OF ANSWERS

S P I N E

Technology for Growth and Governance

CT

O

FO

RU

M

A 9.9 Media Publication

Volume 06 | Issue 04

DIS

MA

NT

LE

SIL

OS

| SE

CU

RIT

Y V

S. A

CC

ES

S | C

ON

SU

ME

R A

PP

S IN

BU

SIN

ES

S

October | 07 | 2010 | Rs.50Volume 06 | Issue 04

EDITORIALRAHUL NEEL MANI | [email protected]

107 OCTOBER 2010CTO FORUMTHE CHIEF

TECHNOLOGYOFFICER FORUM

Road to Information ManagementManoj Chugh, President India and SAARC, EMC Corporation in an exclusive conversation with Rahul Neel Mani talks about how the company grew both in size and stature.

EDITORS PICK40

In the past few weeks, the tech world has witnessed

quite a few very surprising C-level movements, which has created ripples all across.

The first surprise came when Mark Hurd, former CEO of HP, joined Oracle as its Co-Presi-dent, Director and Member on Board. Larry Ellison, Oracle’s CEO and supposedly a good friend of Hurd, rendered all speechless with his conspicu-ous move. As an instant reac-tion to this coup, HP filed a civil

Ellison. HP spokesperson, with-out making Apotheker available, retaliated, “Ellison’s comments don’t deserve the dignity of a response.”

Ellison's impatience to react to HP’s move was obvious. SAP is Oracle’s biggest competitor in the business application domain. Apotheker has worked with SAP for over 20 years. And Ellison seldom misses a chance to take pot shots at SAP.

A few years ago, Paul Maritz left Microsoft to join VMware. At the time of leaving, Maritz was leading the .Net framework–Microsoft’s dream platform to capture the developer com-munity. His departure was a jolt to Microsoft, and it remains so even today. Forget about .Net, his exit gave jitters to Microsoft’s plans on the virtualisation front as well. Just as .Net is far from beating Java in the developer

complaint against Hurd. The case was later withdrawn.

Striking back in vengeance, a few weeks later, HP declared Léo Apotheker, the former CEO of SAP, as its new boss. This, in turn, made Ellison “speechless”. The outspoken Oracle CEO was quoted in the WSJ (Wall Street Journal) as being at a loss for words. “I am speechless. HP had several good internal candi-dates. Instead they picked a guy who was fired because he did a bad job of running SAP,” said

world, HyperV is miles away from posing a formidable com-petition to VMware. This was ratified by a recent Goldman Sachs report, too.

Similarly, Apotheker, however badly he may have handled SAP during his tenure as its CEO, will attempt to give a definite direction to HP’s software busi-ness, which currently features at the bottom of the list. And, Oracle that just engulfed Sun Microsystems will get a fillip from Mark Hurd’s appointment.

I am not too sure whether these moves also instigate high-value corporate customers to shift their loyalty, but there sure-ly are implications which can be detrimental to competitors.

What are your views?

The C-level Muddle Movements at top slots of the

largest IT companies

2 07 OCTOBER 2010CTOFORUM THE CHIEF


OCTOBER10

COVER STORY

20 | How to Make Your Team UnhappyThe smallest of your actions can have a big impact on your staff – whether positive or negative. Look carefully before you step.

COPYRIGHT, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o Kakson House, Plot Printed at Silverpoint Press Pvt. Ltd. D- 107, MIDC, TTC Industrial Area, Nerul, Navi Mumbai- 400706

COLUMNS36 | NEXT HORIZONS: TWEETING AT WORK Top 10 mainstream apps/devices infiltrating the organisation. BY ROBERT MCGARVEY

52 | VIEW POINT: WELCOME TO THE THUNDERDOME EMC’s Greenplum acquisition.BY STEVE DUPLESSIE

FEATURES44 | TECH FOR GOVERNANCE: DISMANTLING SILOS How to identify the 10 telltale signs and head off damaging information bottlenecks. BY MATT SWANSON

Please Recycle This Magazine And Remove Inserts Before

Recycling

HOW TO MAKE YOUR TEAM

20

CO

VE

R D

ESI

GE

N B

Y A

NIL

T

CO NTE NT S THECTOFORUM.COM

307 SEPTEMBER 2010CTO FORUMTHE CHIEF


OCTOBER10 Managing Director: Dr Pramath Raj SinhaPrinter & Publisher: Kanak Ghosh

Publishing Director: Anuradha Das Mathur

EDITORIALEditor-in-chief: Rahul Neel Mani

Executive Editor: Geetaj ChannanaResident Editor (West & South): Ashwani Mishra

Associate Editor: Dominic KAssistant Editor: Aditya Kelekar

Principal Correspondent: Vinita GuptaCorrespondent: Sana Khan, Nipun Sahrawat

DESIGNSr. Creative Director: Jayan K Narayanan

Art Director: Binesh Sreedharan Associate Art Director: Anil VK

Manager Design: Chander Shekhar Sr. Visualisers: PC Anoop, Santosh Kushwaha

Sr. Designers: Prasanth TR, Anil T Suresh Kumar, Joffy Jose & Anoop Verma

Designer: Sristi Maurya Chief Photographer: Subhojit Paul

Photographer: Jiten Gandhi

ADVISORY PANELAjay Kumar Dhir, CIO, JSL Limited

Anil Garg, CIO, DaburDavid Briskman, CIO, Ranbaxy

Mani Mulki, VP-IS, Godrej IndustriesManish Gupta, Director, Enterprise Solutions AMEA, PepsiCo

India Foods & Beverages, PepsiCoRaghu Raman, CEO, National Intelligence Grid, Govt. of India

S R Mallela, Former CTO, AFLSantrupt Misra, Director, Aditya Birla Group

Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices

Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank

Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay

Vijay Mehra, Former Global CIO, Essar Group

SALES & MARKETINGVP Sales & Marketing: Naveen Chand Singh

National Manager-Events and Special Projects: Mahantesh Godi (09880436623)Product Manager: Rachit Kinger

Asst. Product Manager: Priyam MahajanGM South: Vinodh K (09740714817)

Senior Manager Sales (South): Ashish Kumar SinghGM North: Lalit Arun (09582262959)

GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284)

PRODUCTION & LOGISTICSSr. GM. Operations: Shivshankar M Hiremath

Production Executive: Vilas MhatreLogistics: MP Singh, Mohd. Ansari,

Shashi Shekhar Singh

OFFICE ADDRESSPublished, Printed and Owned by Nine Dot Nine Interactive Pvt

Ltd. Published and printed on their behalf by Kanak Ghosh. Published at Bunglow No. 725, Sector - 1, Shirvane, Nerul

Navi Mumbai - 400706. Printed at Silver Point Press Pvt Ltd, D-107, TTC Industrial Area, Nerul, Navi Mumbai 400706.

Editor: Anuradha Das Mathur

www.thectoforum.com

18 | BEST OF BREED:GETTING IN SHAPE Dhanlaxmi Bank had to align its IT strategy with business goals.

REGULARS

01 | EDITORIAL08 | ENTERPRISE

ROUND-UP50 | HIDDEN

TANGENTadvertisers’ index

VERIZON IFC HP 5SAS 7DELL INSERT AFTER 16HITACHI ADVERTORIAL 32-35POLYCOM 39ACE DATA 43AVAYA 49SYBASE 51EMC IBCCANON BC

This index is provided as an additional service.The publisher does not assume

any liabilities for errors or omissions.

40 | NO HOLDS BARRED: MANOJ CHUGH, PRESIDENT INDIA AND SAARC, EMC CORPORATION on being a preferred information management partner.

40

A QUESTION OF ANSWERS

12 | Altering the Economics of Cyber Security Larry Clinton, President and CEO, Internet Security Alliance (ISA) on the changing face of the security landscape.

12


18



I BELIEVE

CURRENTCHALLENGE

ENCOURAGING STAKE HOLDERS TO BE THE NEW GAME CHANGERS FOR THE ORGANISA-TION

THE AUTHOR HAS 27 yrs of Industry experience in the transportation

vertical ( Airport and Airline)

We need Game Changers There has never been a better time to change.

Also, it is definitely not a solo act. CIOs must be motivators and men-tors to a nucleus group of “game changers”.

But, change is never easy. It is always a challenge to maintain the very skilled ICT workforce, even for sustaining basic operations. So the way forward to ensure interest and challenge in the team which man-aging change is to innovate. When there is a collective effort to scruti-nise an existing process, you would be amazed to see how well the team responds with multiple options to do a process differently.

It is also very easy to get carried away. The best way forward is to list a select set of processes or services or products to be put on the “change table” for a makeover. Then you can list the top five issues to be looked at for “change”; rank them based on the impact to business and performance measures and finally choose the most impacting issue for change.

CIOs should then fuel the team by triggering the need for urgent action and guide the team, for it is very important that everyone gets the vision right. You can judge the effect of change through a POC or pilot run.

So, not every challenge is to be addressed, the team of game chang-ers, needs to pick the right ones. And for better manageability the safe bet is not to have too many permutations and combinations to address the change.

Since business is never static, the need for game changers could change the landscape of organisa-tion outlook and hence needs to be encouraged. It is also equally needed to get the buy-in from the executive management, once a clear road map has been thought of and articulate the change effect as to how the trans-formation would happen.

I BELIEVE that India is going to go places, with the growth curve tak-ing a good climb. This is the opportune time for game changers to display their talents.

It is my earnest belief that as CIOs we need to encourage our stake holders to be “game changers”. With every enterprise built now on ICT, staff has more insight, than a majority of non ICT state players, in organisation process across verticals.

BY S.FRANCIS RAJAN VP, ICT, Bangalore International Airport Ltd

PH

OT

O B

Y S

RA

DH

AK

RIS

HN

A

LETTERS

WRITE TO US: The CTOForum values your feedback. We want to know what you think about the magazine and how

to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making it the preferred publication of the CIO Community.

Send your comments, compliments, complaints or questions about the magazine to [email protected]

USE BEFORE YOU PAY

“Cloud computing brings in elasticity in usage of services allowing pay per use models. Telecom, Virtualisation and Cloud computing together are here to transform IT.”To read the full story go to:

www.thectoforum.com/content/use-you-pay

CTOF Connect VMware is certainly not giving up its position in the hypervisor market but that’s not something the company banks on. Paul Maritz, CEO of VMware speaks to Rahul Neel Mani about how the company will rule the world in data centre automation and management space.

thectoforum.com/content/making-seductive-promises-a-reality

OPINION

SUNIL SIROHI VP, INFORMATION RESOURCES ORGANISATION, NIIT LIMITED.

ARE CIOS THE RIGHT ARCHITECTS OF CHANGE MANAGEMENT CIO has to understand what type of data brings the most value to the company.Dealing with some unwanted or unexpected change due to circumstances beyond con-trol can lead to in-fighting and increased paperwork. For that CIO has to empower others to act, form a guideline to create a specific and communicating vision. At this time overlook-ing any one when developing a transformation plan will add significant risk to the change efforts. VIVEK DHARIA, CIO at KNP SEC. PVT. LTD.

CTOForum LinkedIn GroupJoin close to 500 CIOs on the CTO Forum LinkedIn group

for latest news and hot enterprise technology discussions.

Share your thoughts, participate in discussions and win

prizes for the most valuable contribution. You can join The

CTOForum group at:

www.linkedin.com/

groups?mostPopular=&gid=2580450

Some of the hot discussions on the group are:

How do you treat your vendors - a partner, a

service provider, or a mere salesman?

It is situational. Partner relationship arises mostly in case

of transformation and transition situations or long term

Support commitments where stakes are involved from

both side. This way it makes both parties go the extra

mile with a smile. Else it is Service Provider or pure Sales

vendor.

—Pankaj Sahni PGDBM, PGDCA, Prince 2, ITSM, ITIL

The Cloud is all air and no substance

I am a strong believer of cloud services however on the

other hand there are not many players who have reached

the maturity level.

The way Google Apps shaping up and gaining market

share on messaging it looks the game will change sooner

than later.

—Manoj SharmaVice President & Head IT at Jones Lang Lasalle

Transformation times for IT





Enterprise

ROUND-UP

STORY INISDE

A PlayBook for Work. Blackberry announces

its answer to the iPad. Pg 10

Predicted combined share of Symbian and Android by 2014.

Global IT Debt to Cross $500 Billion. The scale of maintenance backlog has created a systemic risk.GLOBAL IT debt will total approximately $500 bil-lion in 2010, with the potential to rise to $1 trillion by 2015, according to Gartner. Gartner defines IT debt as the cost of clearing the backlog of maintenance that would be required to bring the corporate applications portfolio to a fully supported current release state.

"Over the last decade, CIOs have frequently seen IT budgets held tight or even reduced. The reaction has been to still deliver quality of service for opera-tional services and to use any potential project spend to deliver new functionality," says Andy Kyte, vice president and Gartner fellow. "The bulk of the budget

cut has fallen disproportionately on maintenance activities — the upgrades that keep the application portfolio up-to-date and fully supported. There is little problem if this is done in one year, but year after year of deferred maintenance means that the application portfolio risks getting dangerously out of date."

Gartner analysts said one way to characterise this backlog of deferred liability is to see it as a debt incurred in previous years that will need to be paid off at some time. This is a hidden risk for many organisations, and given continued tight economic conditions, this IT debt is growing, and so is the associated business risk.

59.8%DATA BRIEFING

SOURCE: GARTNER

ILLU

ST

RA

TIO

N:

SA

NT

OS

H K

US

HW

AH

A

E N T E R PR I S E RO U N D - U P



According to IDC, worldwide mo-bile email subscribers will increase to 250 million in 2014. Success of smartphones — such as the Apple iPhone, BlackBerry and Google's Android — will help maintain strong growth in smartphones and subsequently mobile email usage.

QUICK BYTE ON WORLDWIDE MOBILE EMAIL SUBSCRIBERS

On a New Flight. IBM signs business and IT services agreement with Jet Airways.JET AIRWAYS and IBM have signed a strategic ten-year business transformation and information technology (IT) services agreement. Valued at $62 million, the agreement will help the airline achieve growth by aligning the company's IT with business strategy.

As part of the deal, IBM will provide cutting-edge technology solutions to trans-form the airline's business areas such as airport operations, direct distribution and frequent flier programs. This engagement will help Jet Airways improve and inte-grate its IT systems to deliver a differentiated customer experience and improve its operational efficiency.

IBM will support Jet Airways with IT Infrastructure and application support services including employee transition, data centre operations, central helpdesk support, server and storage operations, internet security services through the use of Tivoli suite, network management, SAP and other operating systems.

"Jet Airways will have access to industry expertise and knowledge, which are essential for sustaining growth and leadership in the competitive global market." says Sameer Batra, Vice President, Distribution Sector, IBM India/South Asia.

Talking to Reuters in a briefing ahead of the launch of RIM's PlayBook, the new BlackBerry tablet, Mr. Balsillie, RIM’s co-CEO, said the PlayBook and the QNX architecture powering it mark the arrival of the first fully functioning Internet experience in a mobile package. In short, RIM’s device is a "game changer," he says.

—Jim Balsillie,

Co-CEO, RIM

“People say it’s about a couple of hundred thousand apps and we say, how about 10 million Flash apps. It’s an interesting new dialogue. We’re a VPN with a bunch of interfaces and efficient presentation, that’s our game. This is just a natural extension to it in a world that’s gone super-fast to Web and media.”

THEY SAID IT

JIMBALSILLIE

PH

OT

O:

PH

OT

OS

.CO

MP

HO

TO

: P

HO

TO

S.C

OM

presentation, that’s our game. This is just a natural extension to it in a world that’s gone super-fast to Web and

E NT E R PR I S E RO U N D - U P



A PlayBook for Work. A real ‘iPad killer’ or a sheep in wolf’s clothing?IT'S WAR With Apple laughing all the way

to the bank with runaway success of the iPad, the war of the me-toos has just begun. RIM currently have a stranglehold on the business and enterprise smartphone mar-ket, their newly announced tablet, named “PlayBook”, could run into troubled waters amongst the business community as their BlackBerry devices also face increasingly stiff competition from the iPhone.

Now let us look at the PlayBook. In RIM's own words it is a “Business Driving, Flash Loving, App-Rocking, Device-Pairing, Multi-processing, Multitasking, Uncompromised Browsing, Enterprise Ready Professional Tablet.” Phew ! That's a pretty stretched out

description if anything. But is it really worth all the hype and hoopla?

The PlayBook looks aesthetically designed and portable, not to mention ultra thin and seems convenient for both work and play. Measuring less than half an inch thick and weighing less than a pound, the BlackBerry PlayBook features a vivid 7” display. At its heart, the BlackBerry PlayBook looks the part of a multitasking powerhouse. Its performance is jointly fuelled by a 1 GHz dual-core processor and the new BlackBerry Tablet OS which supports true symmetric multiprocessing.

There is support for Adobe Flash Player 10.1, Adobe Mobile AIR and HTML-5. The

The number of people in the United States who do not use the internet at all decreased by 6 percent to 30 percent as compared to a 36 percent two years ago.

BlackBerry PlayBook also features premium multimedia features to support high-quality mobile experiences. It includes dual HD cameras for video capture and video confer-encing that can both record HD video at the same time.

For those BlackBerry PlayBook users who carry a BlackBerry smartphone, it is also possible to pair their tablet and smartphone using a secure Bluetooth connection. This means they can opt to use the larger tablet display to view any of the email, BBM, cal-endar, tasks, documents and other content that resides on (or is accessible through) their smartphone.

When connected over Bluetooth, the smartphone content is viewable on the tablet, but the content actually remains stored on the BlackBerry smartphone and is only temporarily cached on the tablet (and subject to IT policy controls). With this approach to information security, IT depart-ments can deploy the BlackBerry PlayBook to employees out-of-the-box without worry-ing about all the security and manageability issues that arise when corporate data is stored on yet another device.

So, RIM have managed to stack all of it in there and say, “ Perfect for either large organisations or an “army of one”, the BlackBerry PlayBook is designed to give users what they want, including uncom-promised web browsing, true multitasking and high performance multimedia, while also providing advanced security features, out-of-the-box enterprise support and a breakthrough development platform for IT departments and developers. The incred-ibly powerful and innovative BlackBerry PlayBook is truly a game-changing product in the growing tablet marketplace. But what remains to be seen is how the market laps up this impressive offering, which is quite contrasting to BlackBerry's last dud, the much-hyped Storm, featuring BlackBerry OS 6.

RIM's Mike Lazaridis has labelled the PlayBook a "professional tablet," and said the initial push came from RIM's traditional corporate customers wanting the Canadian smartphone manufacturers to “amplify” the BlackBerry.

—Nipun Sahrawat

GLOBAL TRACKER

Internet usage increase

SOURCE: THE UNITED STATES DEPARTMENT OF COMMERCE'S NATIONAL TELECOMMUNICATIONS AND INFORMATION ADMINISTRATION SURVEY.

36%

30%

IMA

GIN

G:

JOF

FY

JO

SE

E N T E R PR I S E RO U N D - U P



MOBILE TECH

ARM has unleashed the Cortex-A15

MPCore processor that delivers a

5x performance improvement over

today’s advanced smartphone

processors, within a comparable

energy footprint. In advanced infra-

structure applications the Cortex-

A15 processor running at up to

2.5GHz will enable highly scalable

solutions within constantly shrink-

ing energy, thermal and cost bud-

gets. The Cortex-A15 processor is

now available for licensing and is

targeted at manufacture in 32nm,

28nm, and future geometries.

As the latest addition to ARM's

Cortex-A family of processors, the

Cortex-A15 MPCore processor

will enable a new and vast array

of products ranging from next-

generation smartphones, tablets,

large-screen mobile computing

and high-end digital home enter-

tainment devices through to wire-

less base stations and enterprise

infrastructure products.

The Cortex-A15 extends the capa-

bilities of the ARM Cortex-A Series

by adding efficient hardware sup-

port for OS virtualisation, soft-error

recovery, larger memory address-

ability and system coherency. The

Cortex-A15 also enjoys full appli-

cation compatibility with other

Cortex-A processors. This enables

immediate access to an estab-

lished developer and software eco-

system including Android, Adobe

Flash Player, Java SE, JavaFX, Linux,

Microsoft Windows Embedded

Compact 7,etc .

WORLDWIDE enterprise software

revenue is on pace to surpass $232

billion in 2010, a 4.5 percent increase

from 2009 revenue of $222.4 billion,

according to the latest forecast from

Gartner. The enterprise software mar-

ket is projected for continued growth

in 2011 with revenue forecast to

reach $246.6 billion. Through 2014,

THE RECENT Stuxnet worm attack is sparking lots of discussion and speculation about the intent, purpose, origins and -- most importantly – the identity of the attacker and target.

Kaspersky Lab has not seen enough evidence to identify the attackers or the intended target but confirm that this is a one-of-a-kind, sophisticated malware attack backed by a well-funded, highly skilled attack team with intimate knowledge of SCADA technology.

Kaspersky believe this type of attack could only

Is Stuxnet a Start to the Cyber War-fare Era? Experts believe that Stuxnet manifests the begin-ning of the new age

billion in 2010, a 4.5 percent increase

from 2009 revenue of $222.4 billion,

FACT TICKER

the market is expected to reach $297

billion at a five-year compound annual

growth rate (CAGR) of 6 percent.

"After declining 2.6 percent in 2009,

the worldwide market for enterprise

software is recovering well with signs

of continuing growth on the horizon,"

says Joanne Correia, managing vice

president at Gartner.

Some regions will fare better than

others with five-year CAGRs to 2014

varying from 2.7 percent in Western

Europe to 11.5 percent in Asia/Pacific

and Latin America.

"China and India continue to be the

growth engine of the software market

in the region and currently represent

the largest and the fourth-largest soft-

ware markets in Asia/Pacific," said

Yanna Dharmasthira, research direc-

tor at Gartner. "India has much local

market potential, while the country's

continuing integration with key global

economies is generating software rev-

enue growth in all key industries."

be conducted with nation-state backing."I think that this is the turning point, this is the

time when we got to a really new world, because in the past there were just cyber-criminals, now I am afraid it is the time of cyber-terrorism, cyber-weapons and cyber-wars," says Eugene Kaspersky, co-founder and chief executive officer of Kasper-sky Lab.

Speaking at the Kaspersky Security Symposium he described it as the opening of "Pandora's Box."

"This malicious program was not designed to steal money, send spam, grab personal data, no, this piece of malware was designed to sabotage plants, to damage industrial systems," he says.

"I am afraid this is the beginning of a new world. 90-ies were a decade of cyber-vandals, 2000's were a decade of cybercriminals, I am afraid now it is a new era of cyber-wars and cyber-terrorism," Kaspersky adds.

Researchers at Kaspersky Lab discovered two of the zero-day vulnerabilities the worm exploits, which they reported directly to Microsoft. The ana-lysts then worked closely with Microsoft during the creation and release of the patches for these vulnerabilities.

In addition to exploiting four zero-day vulner-abilities, Stuxnet also used two valid certificates (from Realtek and JMicron) which helped to keep the malware under the radar for quite a long period of time.

The worm's ultimate aim was to access Simatic WinCC SCADA, used as industrial control sys-tems that monitor and control industrial, infra-structure, or facility-based processes. Similar systems are widely used in oil pipelines, power plants, large communication systems, airports, ships, and even military installations globally.

Software to Surpass $232 B. Analysts Say Revenue Is Rising but Recovery Is Patchy.

PH

OT

O:

PH

OT

OS

.CO

M

"After declining 2.6 percent in 2009,

varying from 2.7 percent in Western

Europe to 11.5 percent in Asia/Pacific



A Q U E S T I O N O F AN SWE RS L A RRY CL I N TO N

LARRY CLINTON | INTERNET SECURITY ALLIANCE

Larry Clinton, President and CEO, Internet Security Alliance (ISA) in conversation with Anthony M. Freed on the changing face of the security landscape.

I recently had the opportunity to discuss information secu-rity issues with Larry Clinton, Internet Security Alliance

(ISA) President and CEO.ISA is an international multi-sector

trade association established in col-laboration with Carnegie Mellon University in 2000. ISA represents an array of organisations concerned with information security from the aviation, banking, communications, defence, education, financial services, insurance, manufacturing, security and technology sectors, and has several member companies based in India.

ISA advocates a modernised social contract between industry and government creating market based incentives to motivate enhanced security of cyber systems, and pro-

vides its members with a range of technical, business and public policy services to assist them in fulfilling their mission.

The ISA mission is to combine advanced technology with the economic realities and help create effective public policy leading to a sustainable system of world-wide cyber security.

Mr. Clinton has led ISA since 2007, and is frequently called upon to offer expert testimony and guidance to the White House, Congress and numer-ous Federal Agencies on policy and legislative efforts.

We are extremely fortunate Mr. Clinton has set aside some time from his very busy schedule to offer some insight into the critical role ISA plays in shaping the future of cyber security.

The Internet Security Alliance (ISA) and American

National Standards Institute (ANSI) recently released “The Financial Management of Cyber Risk: An Implementation Framework for CFOs (sponsored by Symantec)” - what is the crux of the message your organisations are presenting in this report?That many enterprises are not fully appreciating the financial risks cre-ated by poor cyber security, and therefore not making the needed investments to protect themselves.

Too many organisations simply view cyber security as an operational/technical issue when in reality it is much more. It's an enterprise wide risk management issue that needs to be tackled in a comprehensive fash-

Economics ofAltering the

Cyber Security

L A RRY CL I N TO N A Q U E S T I O N O F AN SWE RS






Cyber Security: Too many organisations simply view cyber security as an operational/technical issue.




ion and not just outsourced to the "techies" in hopes that they will find a magical solution.

The fact is that virtually every department in a modern organisa-tion owns data – the finance guys have data, the HR people have data, the legal compliance people have data – but they generally don't think it's their job to secure their own data – that's the job of the IT guy at the end of the hall.

Unfortunately most IT shops are viewed as cost centres, which espe-cially in tough economic times are already underfunded. These depart-ments are carrying more responsibil-ity and getting fewer resources, many organisations are blind to the risk that creates for the enterprises as a whole.

How would you characterise the current state of cyber

security and the effect it has on our economy?It's very difficult to precisely assess the impact of poor cyber security on our economy but it is almost certainly enormous. In 2004 the Congressional Research Service estimated that American businesses had lost $46 billion dollars due to poor cyber security. When President Obama released his Cyber Space Policy Review in spring of 2009 it cited a study claiming US busi-nesses had lost $1 trillion dollars just in the value of stolen intellectual property from cyber attacks in the previous year.

Even if we assume for the sake of argument that the study the Presi-dent cited is off by $500 billion dol-lars that still means that American businesses lost hundreds of billions of dollars in intellectual property theft. And that would not even take into account economic losses from downtime, inefficiency, customer dissatisfaction, or shareholder dis-content following publicised breach-es – which have been documented in the literature.

In addition, we know that many organisations that have been subject

proper risk management of cyber security to the seductive trade off that exists between operating secure systems and operating ones that are completely user friendly.

But several studies have shown the biggest barrier to adopting effective cyber security practices in the corpo-rate space, is cost.

This problem is compounded by the fact that cyber security economics is not well understood – mostly due to the fact that people make simplis-tic assumptions that do not fit with the facts.

Perhaps the most common of these is the assumption that if enterprises are losing money from cyber attacks they will naturally make the invest-ments to stop the cyber losses.

The evidence clearly indicates that is not correct. All the evidence dem-onstrates that the number of cyber vulnerabilities attacks and loses are increasing dramatically. However, several large recent studies have also

to successful attacks, but may not be yet aware that malware is residing on their systems.

We have to realise that virtually every aspect of our economic struc-ture is now linked to and reliant on these modern electronic information systems. So, by any measure the lack of cyber security is an enormous eco-nomic problem.

The ISA has long advocated market incentives as the best

approach to security innovation - what role do you see the private sector playing in overall security efforts?The ISA was founded on the assumption that since the private sector owns and operates the vast majority of the cyber systems it is their responsibility to take a leader-ship role in protecting it.

The private sector needs to con-tinue to develop the technologies, standards and practices not only to drive innovation and digital service, but to protect it as well.

Probably the single most under-reported fact in the cyber security field is how well the private sector has done this job. There are a range of studies going back years that show that if we would simply implement the standards practices and technolo-gies we have already developed, we could prevent or mitigate the vast majority of cyber breaches.

Earlier this month the US Secret Service in conjunction with Verizon published a study showing that adopting existing best practices could have stopped 94% of the 900 actual cyber breaches they studied.

Free Market solutions to many security vulnerabilities

are readily available, but how can we guarantee moving forward that the best products become the most widely utilised?There are a range of issues that need to be addressed including the outdated corporate structures we discussed above which inhibit the

Most IT shops

are viewed as

cost centres.

American

businesses have

lost hundreds of

billions of dollars

in intellectual

property theft.

Biggest barrier

to adopting

effective cyber

security practices

in the corporate

space, is cost.

THINGS I BELIEVE IN




documented that between half and 2/3rd of American companies are actually deferring or reducing their investments in cyber security.

We now know that many enterprises are mis-analysing the effect of cyber security on the bottom line and that's part of the prob-lem. We also know that many organisations

There was a time when some smaller com-panies assumed that they were too small to attract the attention of attackers. However attacks are now often automated so size doesn't matter. Indeed the recent research shows that smaller firms are every bit as likely to be attacked as larger ones.

This latest report is addressed to CFO's - is it difficult to effectively

translate the vernacular of IT and net-work management into the language of enterprise-wide risk abatement?Well let's not just blame the IT guys for "geek-speak"-although they certainly do have a language of their own – and assuming everyone will learn that language is probably not going to work. But so do the lawyers. And so do the finance guys. In fact jargon is pretty endemic to most professions.

What we are really saying in our report is that all the entities involved in corporate cyber security – IT-legal-compliance-HR-finance-communications-operations – every-one needs to all be taking responsibility for cyber security on an enterprise wide basis.

We do specifically reference the CFO because s/he usually has cross depart-mental responsibility, but we note the job of leading the group could be given to another cross-departmental person such as the Chief Risk Officer.

The core of our approach is that everyone gets involved in an enterprise-wide cyber risk group with an enterprise wide cyber security budget and that they meet regularly to discuss and resolve their common prob-lem. When they are talking together regular-ly they will learn how to communicate and the enterprise itself will be the better for it.

If one reads the chapters of our most recent publication one of the things that jumps out at you is that each of these various departments have their own unique issues with respect to cyber security. These need to be, and we think can be, melded together into a functional sys-tem that receives the necessary support from the entire organisation.

How do financial regulations such as SarbOx and some SEC man-

dates relate to IT and network security decisions, and should they be reported as presenting a material risk to share-holders?This is an area the ISA Board is very interest-ed in, which is how can we elevate this discus-sion to the Board level or the shareholders.

We are currently looking into this topic as a potential "phase III" of our financial management of cyber risk project. Frankly we are looking for entities that might help us with this analysis.

“Probably the single most under-reported fact in the cyber security field is how well the private sector has done its job.”tolerate a degree of insecurity-cyber or oth-erwise – after making a cost benefit analysis and determining that although there are economic losses due to poor security, if the cost of becoming secure is greater-they will tolerate the insecurity.

While this may be fine-even appropriate – for a corporation legally obligated to maxi-mise shareholder value, it is clearly not in the public interest, and poor cyber security may even create – does create – significant national security issues.

So the government does need to have a role. It's just that government can't just try to impose 20th century (actually 19th cen-tury) models like regulatory mandates to a 21st century technology like the Internet.

ISA advocates a modern Social Contract wherein government assists in determining what practices work (much like they do with drugs at the FDA) and then provides the market incentives to bridge the gap between the corporate interest in security and the public interest.

SMBs, healthcare, legal, financial and in the education sector have

all experienced an increased demand for information security, while their organisations are requiring budget cuts across the board - can smaller entities really expect they can afford to keep pace with hardware, software and the required expertise?

And of course every small business in the world has the same goal – to become a big business. So even if smaller firms could free up capital to bolster their cyber security my guess is that most of these companies are going to use extra capital for additional sales and marketing much more likely than for improved cyber security.

In addition, most of the cyber security apparatus that have been developed through things like ISACs are generally too sophisti-cated and require too great of a time commit-ment to be attractive to smaller companies.

The good news is that there is progress being made. For example, the ISA has proposed an alternative information shar-ing model designed to provide smaller firms with easily usable data to protect themselves. We were pleased when Melissa Hathaway cited our proposal in the Cyber Space Policy Review Obama published a year ago, but we have had a very hard time getting our friends at DHS to provide the government side of the assistance we need to make things work. However, I'm happy to report that we now seem to have some traction on this proposal and I'm optimistic we can get something done.

However, in the end I think at least for smaller firms the best way to get them to enhance their cyber security is by integrating cyber requirements into government pro-grams like SBA loans or even as tax credits.


As to the preliminary question as to how SOX is effecting cyber security, we think there are mixed results. Clearly there was some low hanging fruit that SOX may have initially helped harvest and thus cre-ated some improvements. However, we are also hearing that the complexities of the regulatory and auditing systems are now having a counter-productive effect on cyber security.

ISA is very interested in analysing this area better and I expect we will have more to report on it in the future.

There seems to be little legal prec-edent established regarding liabil-

ity in the electronic data access chain - what effect on security best practices will the courts have when they do finally weigh in?This really depends on how the courts weigh in, and my own guess is that it may take quite awhile to get a clear picture on the liability question.

The partisan divide in the cyber security

field is between the consumers who say the vendors ought to be liable because they sell vulnerable systems and the vendors who say that no one wants to pay the cost of fully secured systems and the consumers typically ignore the vendors' suggestions about security.

So when a breach occurs who is liable?ISA believes a better answer is to develop

a system wherein we use the market to motivate improved cyber security. We already know what works, we just have to implement it. We also know that the main barrier is cost – and not that much. Finally we have a well developed system of using market incentives including procurement, awards, SBA loans, insurance etc. to suc-cessfully motivate pro-social behaviour. We simply need to apply these incentives to the cyber security space and motivate the prac-tices of standards that we know will work.

What's next on the ISA's agenda?ISA's mission is to integrate advanced

technology with business economics and

public policy to create a sustainable system of cyber security.

Core to this notion is that we need to mature our understanding of this issue to appreciate that cyber security is as much an economic and strategic issue as it is an operational technical one.

So we are focused on altering the econom-ics of cyber security.

The main reason we have so many attacks is all the economic incentives cur-rently favour the attackers – attacks are easy, cheap, you can steal billions and your chances of getting caught are slim.

If we can increase the cost to the attackers and simultaneously increase the profit-ability of good cyber defence we believe we can create the sustainable system of cyber security which will make out nation and our economy the envy of the world in the 21st century, just as we were in the 20th century.

— Anthony M. Freed

This article is published with prior permission

from www.infosecisland.com.

16B 07 OCTOBER 2010 CTO FORUM THE CHIEF


BEST OF

BREED

The critical need for corporate wire-less help desk services to support thousands of mobile devices is plac-ing a tremendous burden on the IT department. This can be detrimen-

tal for companies struggling to provide quality wireless help desk service internally, as they often lack enough personnel who are skilled in using advanced mobile device management and remote troubleshooting tools.

It isn't surprising that IT professionals are expected to wear different hats for various IT

issues and responsibili-ties. But the truth is, many end up fielding incessant calls to address employ-ees' wireless device and plan complaints or other time-consuming requests. These user requests can easily eat up 70 to 90 percent of an IT profes-sional's workday.

With the explosive growth in mobile devices, and along with it the increased need for support services, the IT team is trying to manage a criti-cal area without specific wireless expertise. Their other assigned job responsibilities are eclipsed by activities such as trying to stay up to speed on the latest mobile devices, platforms and plans. As a result, the IT department operates inefficiently and becomes distracted from larger, strategic com-pany issues. Meanwhile, IT staff frantically tries to keep up with one-off requests.

Outsourcing wireless help desk services is one way to ease the burden on IT. Here are five reasons that this best practice strategy works.

Five Reasons to Outsource Wireless HelpSaving your team from service nightmares. BY JOHN SHEA

ILLU

ST

RA

TIO

N:

AN

OO

P P

C

“Organisations that choose to outsource can utilise internal IT for mission-critical programs.”

AUTHOR SAYS:

IT teams try to manage a critical area without specific expertise



W I RE L E S S H E L PD E S K B E S T O F BR E E D

REASON NO. 1 The complete packageAn outsourced wireless help desk can work in tandem with a wireless expense manage-ment (WEM) solution to handle all steps of the corporate mobility life cycle and eliminate piecemeal service for an employee base. This includes offering a self-service wireless portal that addresses employees’ needs from their initial device request (mak-ing sure their selected phone is approved for their role) to helping them choose a rate plan that aligns with the company's carrier volume discounts. The portal is inte-grated with the company's WEM solution to ensure that all new data and updates are centrally captured and tracked for reporting.

Wireless help desks also handle ad hoc troubleshooting, resolve repair and warranty issues, and ensure that security measures are taken. For example, they can issue an over-the-air (OTA) remote kill to a device if the device is lost or stolen, and provide inte-grated Mobile Device Management (MDM) capabilities. Additionally, mobile device recycling with a no-landfill policy is also available for securely wiping devices.

REASON NO. 2 Ensures high-quality service with low impact on ITIt's hard for the IT team to maintain a posi-tive reputation when it's struggling to fight fires and unable to focus on other priorities. Typical enterprise IT teams are not equipped with the advanced skills needed to address the array of wireless ordering, as well as the mobile device and application issues that typically flood a help desk. Nor can they pos-sibly stay up to speed on the ever-expanding range of devices and mobile applications that continu-ously hit the market.

Conversely, when wireless help desk is outsourced, IT man-ages the outsourcer and builds service-level agreements (SLAs) into the contract to generate con-sistent results, without having to do all the legwork. For example, a large financial services com-pany in the United States suc-cessfully secured SLAs that required their outsourced wireless help desk to yield a minimum "four out of five" rating for

customer satisfaction results, and required wireless help desk personnel to pick up calls in under 90 seconds at least 85 percent of the time.

These types of measures allow the IT department to focus on revenue-generating and protecting programs rather than burning time troubleshooting to resolve wireless prob-lems—and likely taking a customer satisfac-tion hit in the process. Instead, managers can redeploy IT staff to complete higher priority projects in their core competency areas.

REASON NO. 3 Proactively avoids a heart attack billExcessive charges from unexpected inter-national usage or unanticipated data usage on devices without optimised data plans can result in a very high wireless invoice—that is, a "heart attack" bill. By using real-time wireless usage management to catch unanticipated wireless behaviour the moment it happens, a wireless help desk provider can then take immediate action to curb the activity.

Real-time wireless usage management uses agent software on the mobile device to report usage back to the help desk in a variety of areas, including voice, data, text, roaming, etc. This data is then automati-

cally compared to the company's wireless contracts (and other information) so that action can be taken immediately to curb excessive costs.

For example, if a global com-pany has an employee based in the United States who flies to London on a business trip without an international rate plan and tries to make a call when he arrives, the wire-less help desk can receive an

alert as soon as the call is initiated. It can then take immediate action to add the international plan or send a message to

the employee asking him to refrain from using the device while abroad.

REASON NO. 4 Offers round-the-clock availability and expertise

An outsourced wireless help desk offers employees 24/7 access to subject matter expertise on the latest mobile devices and plans. It also offers them access to scalable call centers depending on changing support needs, which dramatically eases the burden on a company's IT department. This greatly accommodates global employees who may not be working in the same time zone as the company's internal IT department.

REASON NO. 5 Provides seamless device replacementWireless help desk providers can offer immediate device replacement when needed, often with overnight delivery if the particular problem isn't resolvable via phone or remote access. This eliminates the need for an IT department to keep a large stash of the latest devices on hand. Plus, they do not have to deal with a high volume of impromptu shipping logistics.

A company's wireless help desk ser-vices typically span a broad range of needs that often require specific expertise and time-intensive activities. With internal IT resources already stretched thin on various responsibilities, these additional services can paralyse the entire department.

Organisations that choose to outsource their wireless help desk services can utilise their internal IT department's ser-vices for more mission-critical programs that leverage their specific strengths and will, ultimately, bring more value to the organisation.

— John Shea is Chief Marketing Officer at

Rivermine. This article is published with prior

permission from www.cioinsight.com.

>70%OF AN IT

PROFESSIONAL'S

WORKDAY IS

EATEN UP BY USER

REQUESTS

IT teams are not equipped with the skills needed to address the mobile device and application issues that typically flood a help desk.



Thrissur-based Dhanlaxmi Bank has transformed signifi-cantly in the last couple of years. The Bank underwent a major rebranding exercise under the leadership of an aggressive management, recruited experienced people across functions, and introduced products and processes

that were needed to catapult it amongst the top five private sector banks. It expanded beyond its home state of Kerala by opening branches in

cities and towns across India. Last year, it opened 66 new branches and 350 ATMs. Today, it is one of the fastest growing private sector banks in India with business exceeding Rs. 13,000 crore and a pan India network of 272 branches, 435 ATMs covering 136 centres across 14 states.

To meet the expansion and growth plans, technology infrastructure and applications witnessed a considerable change. “We are a born-again bank and want to create everything from scratch,”

Getting In Shape

CASE STUDY | DHANLAXMI BANK

CHALLENGE: To meet the EXPANSION and GROWTH plans, Dhanlaxmi Bank had to align its IT STRATEGY with business GOALS to expand its OPERATIONS across India.



CA S E S T U DY B E S T O F BR E E D

says Muralidharan R, President, Information Technology and Operations, Dhanlaxmi Bank.

In the last nine months, the bank has put in place a new data centre, virtualised its servers, revamped the network architecture, made branch office operations effective through deployment of thin clients, and cut down on partners so that it has few service providers to manage.

For this financial year, retail lending has emerged as the key focus area for the bank and considering the high volume of loan transactions in retail assets business, it required a robust end-to-end solution that could improve turnaround time.To meet this business strategy, the bank deployed Fin-nOne to manage its retail lending business in July this

year. The choice for adopting FinnOne was made after the IT team realised that the solution would help them in managing all stages of loan application process, right from defining products and entering applicant details to verifying, approving and disbursing loans, and from maintaining repayment details to loan closure. The core lending platform will help the bank to service its retail customers more efficiently and improve productivity.

“Deployment of FinnOne has helped us in streamlin-ing our processes and put in place a systematic maker/checker facility. It has also enabled our team to create solutions and services within the scheduled time frame,” says Arvind Hali, Head, Retail Assets and Credit Cards Group, Dhanlaxmi Bank.

In addition to deploying FinnOne, the Bank migrated to the latest version of FlexCube (2009 version) during the same month. The new version will provide the bank with a platform for excellence in products and services and is expected to significantly improve speed, efficiency, ease of use, customer convenience, control and compliance.

MURALIDHARAN R, IT, President, Information Technol-ogy and Operations, Dhanlaxmi Bank has adopted Fin-nOne to manage the bank's retail lending business.

COMPANY DASHBOARD

COMPANY:Dhanlaxmi Bank

HEADQUARTER:Thrissur, Kerala

MD AND CEO:

Amitabh Chaturvedi

OPERATIONS:

As of September 14,

2010, it operated

through a network of

272 branches and

435 ATMs covering

136 centres across

14 states in India.

The company was

formerly known as The

Dhanalakshmi Bank

Ltd. and changed its

name to Dhanlaxmi

Bank Ltd. in August

2010.

PH

OT

O B

Y J

ITE

N G

AN

DH

I

MOST of the activities that

the branches conducted had

an effect on the production envi-

ronment. So if one had to carry

out a balance enquiry or print

statements, the transaction

would interrupt other processes

and this impacted the produc-

tion servers.

To address this concern,

the Bank decided to go for a

virtualised environment and

virtualised 36 of its existing

54 servers. This resulted in

improvement in end-of- day

operations.

“We used to spend nine

hours carrying out end-of-day

operations and unless one fol-

lowed a military like discipline,

they could not complete it,”

says Muralidharan.

The end-of-day operations

now take around two to three

hours. It has also freed human

resources who can now be

available to customers for a

longer time.

MAKING RESOURCES AVAILABLE

“The earlier version was useful as a customer service tool but lacked efficiency for customised customer service,” says Muralidharan.

Dhanlaxmi Bank became the first bank in the country to migrate to the new Java version of FlexCube and in fact, it was operating as a beta site for sometime before getting absorbed within the commercial environment.

Moving forward, the Bank is also looking at deploying a customer relationship management (CRM) solution and has already finalised a service provider. It also has plans to invest in enterprise integration platform (EAI).

—Ashwani Mishra







MOT I VAT I O N COVE R S TORY

The smallest of your actions can have a big impact on your staff – whether positive or negative. Look carefully before you step.I N S I D E22 | Five ways to Ensure Your IT Staff Will be Unhappy24 | Harmony in Diversity26 | Performance Improvement and the CIO28 | Winning the New War for IT Talent30 | Boosting Productivity of Knowledge Workers

The smallest of your The smallest of your The smallest of your The smallest of your The smallest of your The smallest of your The smallest of your



COVE R S TORY MOT I VAT I O N

What is at the top of the list is for people is to feel like their work matters; that it counts for something. The companies who create meaning for the work keep their employees engaged and productive through the busi-ness downturns and budget cuts

I recently heard part of an interview with Dan Ariely about his new book, The Upside of Irrationality. He talked about a test he did to measure how important meaning was in one’s work. The test was to complete a task repeatedly, until you wanted to stop. The task was to build a Lego robot. When you completed it, you were asked if you would like to build another robot.

In one case, the robot you built was placed to the side so you could admire it while you built the next one. In the other case, if you said you’d like to build another, they dismantled the one you just built right in front of you, gave you back the pieces and said, "Okay, build another one". Talk about draining all meaning out of someone’s work.

People want their work to matterI’m sure I am doing a disservice to Ariely’s work by taking this out of context, but this is one of the best metaphors I have heard for taking the meaning out of someone’s work. It also got me to thinking, what are all the ways we drain meaning from our employees work? Dis-mantle their robots right before their eyes — maybe even without recognising we are doing it? How can we build up the meaning instead?

1Changing your mind all the time - Say someone completes a project you said was really important, but the IT priorities changed since you first assigned the task. Now, instead of

accepting the work and thanking them, you cancel the project and ask them to do something else instead. Later you change your mind again, maybe even back to the first thing. Robot parts are flying at this point!

You can start by dismantling their robots in front of

their eyes. BY PATTY AZZARELLO

WAYS TO

BE UNHAPPYBE UNHAPPYPYPSTAFF WILLSTATAT FF WYOUR ITYOYOY UR ITENSURE555555555555555



Let people finish things. Consider the full cost of changing your mind. If you really have to change your mind, thank people for the work, and communicate a reason why their work still counts, even though you have changed your mind.

2 Not accepting something different than you'd do it - Be careful here, just because

it isn’t like you would do it, doesn’t mean that it’s not good enough, or maybe even better.

You are far more likely to create meaning if you accept good work, than if you tweak it to death. IT is detailed. While you may have to insist that certain processes like Change Control are followed to the letter, where there is room for interpretation. Let the intelligent technicians use their own judgment.

Consider the alternative. If everything you delegate is done the same way as you do it, you will never find a better way of achieving something.

3 Skipping the closure - The urgent cus-tomer issue or demand has disappeared

because the business either won or lost the deal that was making this special IT project necessary and urgent. When you no longer feel the urgency, there is a temptation to never go back to collect the work because it no longer matters. But, just because it no longer has its original business meaning, and you have moved on to other things, doesn’t mean you should take the meaning away from the people that did the work.

Find the value in the completed work, even if the project has to end. What pro-cesses worked well? Which didn’t? What techniques were developed that could be used on subsequent projects?

You can’t always let people finish things but don’t switch them out of a task before you have wrung the last piece of value out. It’s so much easier to just move on to your next urgent thing, but you are sacrificing your team’s motivation an ongoing perfor-mance and support if you skip this step.

Save the robot as a resource.

4Not being clear about the strategy - This is probably the biggest and most com-

mon hazard I have seen. Ambiguous strat-egy causes lots of wasted time and energy working on the wrong things, or waiting

for decisions to be made. It is really de-motivating for people to deliver work into a strategic black hole.

That is like throwing their robots directly into the trash can. Make the strategy clear. It’s what creates meaning for the work.

Make sure the IT department knows the top 10 business priorities for this year, for example. Show the connections between

We have to remember that though they are working on lifeless com-

puters, the resources in your IT depart-ment are human. They also want and deserve appreciation.

This is the worst for resources that are a part of support services. Those employees in the organisation that are not technologically oriented are the worst for the support team. They try and pass on the blame of the small-est of tech related problems to the IT team, in spite of the best efforts of the team to make the employees’ work life easier. On the other hand, when there are no errors in systems, it gets grossly unnoticed in the eyes of the organisa-tion. Do not let it be a thankless job for your team.

To ensure that the service team is not de-motivated you must have process based approach. This will not only help you track your problems better – but would keep your staff happy too.

Also, it is important that your team is appreciated by business leaders for the work that they are doing in keep-ing the business running smoothly and they feel a part of the team rather than some hidden cogs in the wheel that nobody notices.

They are HumansNOT MACHINES

Vipin KumarCIO, Escorts Agri Machinery Group

the top ten business priorities and the top IT projects. “The reason we are building a new data centre is because we expect much higher business volumes due to our expanding in to the far East and that means supporting more hardware ”or “The reason we are implementing ITIL Incident, Prob-lem and Change processes is because the business as a whole is focused on reducing execution risk, in order to compete against a new, more nimble competitor."

Similarly, if IT services of projects are cut, show how this is based on the business no longer needing the deliverable.

5Not connecting the dots - Even if the strategy is clear to you, don’t expect your

staff to automatically see how their work fits into supporting the big picture. You need to spell it out and show them why their work matters. If you never connect the dots about how their work specifically supports the overall strategy, there is no meaning in it for them. Otherwise, they are just putting their robots on a conveyor belt to be used for unknown purposes.

Ensuring that all your employees under-stand how the business works, and how their work helps move it forward, motivates and enables them make better decisions and add more value. Make it explicitly clear how each service that IT delivers benefits the business. The more specific you can be the more moti-vated the staff will be.

Saying, “The business would fail without the IT department” may be true, but it isn’t very motivating for the desktop support team with salespeople shouting at them every day.

Saying, “It is important that we keep the sales laptops running at 99%+ availability now that the sales force are using them to close business faster using the Web-based ordering system. Networking, Firewall, ERP support - that goes for you too!” ... is much more likely to have a positive effect.

The bottom line is with or without finan-cial rewards, your employees will do better work, faster, if they can personally see why it matters. — Today Patty is the CEO of Azzarello Group,

an organisation that helps companies develop

and motivate their top performers, execute

their strategies and grow their business. This

article is printed with prior permission from

www.cioupdate.com.




Motivate and Retain Different

Generations. BY DAVE WILLMER

HARMONY IN

DDDDDDDDDDDDDDVVVVVVVVVVVVVVVVVVVVVVVVVVVVEEEEEEEEEEEEEEEEEEEEEEEEEEEEVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEVEVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEVVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEVEVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEVVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEVEVEVVVEVEVEVVVEVVVEVVVEVEVEVVVEV RRRRRRRRRRRRRRRRRRRRREREEEREREREEEREEEREEEREREREEEREREREEEREREREEEREEEREEEREREREEEREEREEEREREREEEREEEREEEREREREEEREREREEEREREREEEREEEREEEREREREEEREEREEEREREREEEREEEREEEREREREEEREREREEEREREREEEREEEREEEREREREEEREEREEEREREREEEREEEREEEREREREEEREREREEEREREREEEREEEREEEREREREEERE SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRSRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRSRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRSRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSRSRSRRRSRSRSRRRSRRRSRRRSRSRSRRRSR TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTYYYYYYYYYYYYYYYYYYYYYYYYYYYYTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTYTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTYTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTYTYTTTYTYTYTTTYTTTYTTTYTYTYTTTYTDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDIDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDIDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDIDIDDDIDIDIDDDIDDDIDDDIDIDIDDDIDVIVVVIVIVIVVVIVVVIVVVIVIVIVVVIVIVIVVVIVIVIVVVIVVVIVVVIVIVIVVVIVVIVVVIVIVIVVVIVVVIVVVIVIVIVVVIVIVIVVVIVIVIVVVIVVVIVVVIVIVIVVVIVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDDDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVDIDVDIDVDDDVDIDVDVDVDIDVDDDVDIDVD IIIIIIIIIIIIIIIIIIIIISISSSISISISSSISSSISSSISISISSSISISISSSISISISSSISSSISSSISISISSSISSISSSISISISSSISSSISSSISISISSSISISISSSISISISSSISSSISSSISISISSSISTITTTITITITTTITTTITTTITITITTTITITITTTITITITTTITTTITTTITITITTTITTITTTITITITTTITTTITTTITITITTTITITITTTITITITTTITTTITTTITITITTTITTITTTITITITTTITTTITTTITITITTTITITITTTITITITTTITTTITTTITITITTTITTITTTITITITTTITTTITTTITITITTTITITITTTITITITTTITTTITTTITITITTTITR

esearch for our company’s recent white paper Workplace Redefined: Shifting Generational Attitudes During Economic Change found that 40 percent of workers of all ages say they’re more inclined today to look for new opportunities outside their firms. To help keep employees happy and improve retention, it’s useful to understand generational preferences in

the workplace.You may be surprised to learn, for example, that baby boomers (born from 1946-1964),

Generation X (born from 1965-1978) and Generation Y (born from 1979-1999) are not that different when it comes to what they seek in an employer and how they measure job satisfaction. Following are some tips, based on key findings from the white paper, that can help you boost employee loyalty:Recognise that salary matters - Many workers feel their pay levels have not kept pace with the contributions they made during the downturn. Of those surveyed, 37 percent said they are not fairly compensated for having assumed a greater workload. Employers should always aim to keep salaries in line with or slightly above what com-petitors are offering.




The Robert Half Technology Salary Guide (available at www.rht.com/SalaryCenter), as well as association and government reports, can help managers stay on top of trends. Bonuses and other financial rewards should be offered whenever possible to show appre-ciation for employees’ hard work. Compa-nies with tight budgets might consider extra time off, gift certificates or public praise for an achievement.

Reassess benefits packages - Benefits were also rated a chief priority for work-ers of all ages. All generations considered healthcare coverage a key concern, rating it a 9.1 out of 10 in importance. The next most

valued benefit was vacation/paid time off. While you may still be evaluating recent healthcare reform legislation and how it will impact your firm, there are steps you can take now to address the other priorities. Research your current vacation and paid time off allotment to employees. Is it competitive with other employers? Staff members who’ve worked long hours during the recession as well as those nearing retirement age may be particularly interested in more personal time. Health care can also be an affordable option to add to give your firm an edge.

Promote your company’s stability - The recent economic downturn prompted more employees to pay attention to their employ-ers’ financial performance. All generations surveyed rank working for a stable company and having a strong sense of job security as most important in their current work envi-ronment.

As the recovery unfolds, it’s critical to let your staff know of your firm’s business plans and goals for growth. Informing employees that the future looks bright and that you have a solid strategy going forward can be motivating and help with retention efforts. Also solicit staff input and include them in the planning stages for projects, so they feel their ideas are valued and that they have an impact on the process.

Provide learning opportunities - Employees have learned that keeping their abilities current is critical to their profes-sional success. Gen X and Gen Y workers, in particular, said one of their top post-recession career plans is to enhance their skill sets to become more marketable.

Investing in training programs can be a wise move to build job satisfaction and loy-alty. Technology professionals, in particular, want to remain on the cutting edge. In fact, it can be essential when dealing with hard-ware and software products that can become obsolete quickly. Providing challenging work on the job, including opportunities to get involved in new projects and gain additional skills, is another useful move for employers.

Motivating and retaining workers of all ages will become more of a concern as the economy gains momentum. By taking steps now to reinforce your position as an employer of choice, you can build loyalty and avoid losing top talent. This can give your entire firm a competitive advantage because you will have a knowledgeable, skilled base of IT professionals ready to help your company address future opportunities.

—Dave Willmer is executive director of Robert

Half Technology, a leading provider of IT pro-

fessionals for initiatives ranging from e-busi-

ness development and multiplatform systems

integration to network security and technical

support. The company has more than 100

locations worldwide and offers online job

search services. This article is published with

prior permission from www.cioupdate.com.

The generation gap in the workforce exists.

Managing workgroups consisting of a wide age range presents a number of challenges, but it also can yield significant oppor-tunities.

Due to the differences in work history, experience and the manner in which they communicate, each of these age groups have unique opinions. These opinions could vary from a product deployment to business strategy etc. Younger employees expect constant challenges and motivation. That requires

managers to learn new ways of coaching, mentor-ing and communicating expectations.

Acknowledging gen-erational differences offers companies access to a wider array of creative ideas and, perhaps most important, ensures the firm's talent pool is fully tapped. A large part of managing the intergenera-tional workforce is change management. Manag-ing such change would include acknowledging the different climate today’s workers are in from times past. It has been suggest-

ed organisations should focus at least some of their human resource activities on working with the new generation of workers, determining their views on working, reward and work-place preferences.

As managers, we can-not afford to fail in taking advantage of the benefits a multigenerational workforce can offer. We need to set a standard for open, non-judgmental communica-tion. Demonstrate respect for all workers as well as knowledge and awareness of the differences that exist in the workplace.

Nonjudgmental

COMMUNICATIONSuresh Shanmugam,National Head BITS and CIO, Mahindra Finance




IMPROVEMENT AND THE

IT heads have a large role to play in organisational reforms. BY MATT PODOWITZ

IMPROVIMPROVIMPRO EMENT PERFORMANCE

Performance improvement is a top business priority in the “new normal” as organisations seek to perpetuate the cost savings they achieved during the economic downturn and leverage even greater value from their existing assets.

While many performance improvement efforts are undertaken informally and within individual departments, others represent board-level initiatives and span the entire operations of the company. Performance improvement initiatives can touch almost every depart-ment within a company. But these diverse and disparate initiatives have a few things in common:

A goal of re-examining and streamlining processes for both effi-ciency and effectiveness.

Involvement of individuals with deep seated resistance to change, often resulting from fear of losing their jobs.

A high degree of dependence on existing or new IT.Because IT is almost always involved, significant opportunities

exist to improve the execution and outcome of these initiatives by leveraging four “hidden talents” of most CIOs.

Eyes on the forest and the treesUnlike many other core business functions, IT touches most every department within the company in a significant way. As a result, most CIOs have a big picture view of company operations (and chal-lenges) that is as broad as the CEO’s. However, since most CIOs are involved in significant business process improvement initiatives and large-scale information systems deployments, they often also have a solid understanding of how things work in and between most departments.

IIIIIICCCCCCCCCCCCCCCICIIICICICIIICIICIIICICICIIICIOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOIOIIIOIOIOIIIOIIOIIIOIOIOIIIOIIOIIIOIOIOIIIOIIOIIIOIOIOIIIOIIOIIIOIOIOIIIOIIOIIIOIOIOIIIOI



Personally whenever I work with people, I take it as a moral respon-

sibility to help them achieve something so that they will remember me as a mentor. In last 15 years of my people management career, I have had only one attrition, that too for the better. The person who left got a very good oppor-tunity.

I have a different style of manage-ment, my team is the extension of my family. I encourage everyone in my team to work the same way. God has been kind, that I have such a team that they think of this place as their home. It is very important, when you are spend-ing 12-14 hours a day, five times a week, that you consider it a home. Oth-erwise, it will simply not cut it.

We keep doing lot of things together. For instance, there is a get together at my home every other month where all the team members are invited. It is a very personal affair, nothing to do with office. I make sure that the team has a good time and they gel together out-side of office.

This has ensured that I have never had to make a conscious effort to motivate my team. But, whenever I get time, I reach out to each member and interact on a personal basis. I try and understand them and their families.

This combined breadth and depth of per-spective gives CIOs insights into where the greatest potential performance gains are to be had; both within a given department and in the processes that flow across multiple departments of the company. This unique CIO perspective is too important to go unleveraged, and it makes the CIO an ideal leader for performance improvement initia-tives or, at the least, a valuable member of the project committee.

Agents of changeAlmost any business executive or manager will agree that large-scale systems imple-mentations (such as ERP, CRM and sales force automation systems) are among the most stressful business events they have experienced. The reason for this is simple: such implementations require fundamental changes in process and culture and often organisational structure at every level of the company. As a result, managing the accep-tance (and resistance) to that change is usu-ally a critical factor in the ultimate success or failure of the project. Most CIOs have served as the sponsors or leaders of such large-scale systems implementation proj-ects and thus have cultivated their ability to both proactively and reactively manage the natural resistance to any significant process, organisation or technology change.

Equally significant is the experience most CIOs have with managing the expectations of their fellow business executives and boards of directors during strategic discus-sions and budget cycles. Even when outside change management specialists are expect-ed to play a role in a performance improve-ment initiative, the typical CIO’s experience as an agent of change can greatly facilitate both the planning and execution of change management efforts that are so critical to the success of performance improvement projects.

Technology enablement and enablement of technologyMost performance improvement in today’s business environment comes from imple-menting better business processes and maximising the degree of automation of those processes. Many business applica-tions are designed to facilitate both goals: Incorporating industry and departmental

best-practices and automating not only core processes, but many of the ancillary pro-cesses that historically have been handled manually.

Whether performance improvement ini-tiatives will involve implementing new busi-ness applications or simply take advantage of those that already have been put in place, the CIOs familiarity with the company’s business applications (including unutilised or under-utilised capabilities) and those used by others in the industry can be instru-mental in developing achievable programs of performance improvement.

On the other side of the equation, and a stumbling block for many company initia-tives is the disconnect between expectations for IT and the resources required to fulfill those expectations. Most CIOs are masters of managing such disconnects and rally-ing scarce IT resources to support major projects.

By placing CIOs at the helm of per-formance improvement initiatives, IT’s opportunity and ability to contribute will be maximised.

Program and project leadershipPerformance improvement initiatives are among the most complex and difficult to manage initiatives that companies can undertake. In fact, performance improve-ment initiatives can be just as complicated from a management perspective as large scale systems implementations -- which are often led by CIOs or by others who eventu-ally go on to become CIOs.

Many CIOs already have both the exper-tise and experience required to manage large-scale, complex corporate initiatives. As the leader of a performance improvement initiative or as a member of the project committee, this inherent CIO talent can be leveraged to improve the efficiency and the effectiveness with which the project is undertaken and improve the chances for a successful outcome.

As companies embark on performance improvement initiatives, it is well worth determining whether the CIO possesses some or all of these four talents and explor-ing how they might be leveraged by placing the CIO in a leadership role. Companies that find their CIO lacks these abilities may want to consider cultivating them by involv-

ing the CIO in the performance improve-ment initiative in some capacity other than a leadership role.

—Matt Podowitz is a strategic management

consultant at Grant Thornton. This article is

published with prior permission from www.

cioupdate.com.

All in the FAMILY

Rishi KapoorDirector IT, Metlife




WINNING THEINNING NEW WAR FOR IT

Use Valour for Neglected

Warriors.BY THERESA WELBOURNE

TTTTTTTTTAAAAAAAAAAAATATTTATATATTTATTATTTATATATTTATTATTTATATATTTATTATTTATATATTTAT LLLLLLLLLLLLALAAALALALAAALAALAAALALALAAALAALAAALALALAAALAALAAALALALAAALAEEEEEEEEEEEELELLLELELELLLELLELLLELELELLLELLELLLELELELLLELLELLLELELELLLELNNNNNNNNNNNNENEEENENENEEENEENEEENENENEEENEENEEENENENEEENEENEEENENENEEENE TTTTTTTTTTTTNTNNNTNTNTNNNTNNTNNNTNTNTNNNTNNTNNNTNTNTNNNTNNTNNNTNTNTNNNTNI

nstead of an outright war, smaller less conspicuous battles will be waged for a new class of people -- the neglected warriors of the recession. These people are likely to be recruit-ed away and quickly conferred with the hero status they so richly deserve by their new bosses. These newly minted heroes will help their new organisations thrive as the pace of change continues to escalate; all to your chagrin.

Neglected warriors are people who harnessed their internal energy to successfully drive many initiatives forward during the recession. However, with their good deeds came little or no recognition and IT is full of them. As a leaders you can either sit by and watch as neglect-ed warriors are poached away, or you can be proactive and try to keep them.

The subset of neglected warriors was discovered through employee engagement research and numerous case studies. Neglected warriors are employees with a high sense of urgency and are compelled to move forward. The diagnostic tool (called Valour) used in the winter 2010 Leadership Pulse study provides an estimate of the prevalence of neglected warriors. The definition of the word valour is: “Strength of mind and spirit that allows one to conquer danger with firmness.”

The four major components of the Valour survey are: Val = value, that employees feel valued by their manager and peers;O = sense of ownership in the job and organisation;U = sense of urgency; andR = rewards, that they are fair and related to performance.Valour focuses on the “engaged in what” question by diagnosing the percent of employees



moving the company forward or keeping it “standing still.” This is done via the interac-tion effect predicting performance, which tells the story about the “conditions under which” improving scores is good or bad for performance.

The 2 x 2 matrix in Figure 1 plots the results of the interaction effect (see arrows for direct ion of intervention needed to improve performance). Improving only the Val-O-R scores for the entitled makes them even more entitled without simultaneously increasing their sense of urgency. It is much harder to instill a sense of urgency than it is to influence value, ownership and rewards. In order to move the entitled group, they need to know that their current perfor-mance level is not rewarded (thus mov-ing them down on value, ownership and reward). If successful, moving these groups down on Val-O-R will increase their sense of urgency and allow for positive progression.

The neglected warrior class, however, is different. They have a high sense of urgency, they are moving forward, but they need to be appreciated. Our work finds that small efforts can move these individuals from neglected warrior to hero (or fully engaged) status.

How are managers and leaders doing today? In order to answer this question, we ran the Valour survey with the Leadership Pulse sample. The results for the 470 people who took the winter 2010 survey are in Fig-ure 2.

Figure 2 shows that six percent of the sample reported being in the entitled group, 55% are fully engaged, 17% are disengaged and 22% are the neglected warriors. These employees are at high risk of being poached because they have no good reason to stay. For the information industry sample we find the results in Figure 3 and in Figure 4.

Battle linesWhen examining these subgroups, it becomes clear that being in an IT position increases the probability of being in the neglected warrior class. Thus, as the econo-my picks up, these are the people at higher risk of being poached or recruited away.

The key to winning the battle neglected warriors is to find them and quickly recog-nise them for their efforts. Recognition for these self-motivated people includes listen-ing to them, giving them more influence over their departments, engaging them in discussions with the leadership team, and efforts focused on creating more of a sense of ownership around their job, department and company are highly powerful interventions.

These employees represent an organisa-tion’s best opportunity for quick talent wins. They are people who need just a little rec-ognition to convert them to hero status. We suggest starting your own efforts to win the war for talent with the neglected warriors, not with the entitled and disengaged. Those latter two groups are the ones that usually get the most attention from HR but they do not represent the fastest path to performance. In fact, it may be better for many of the people in the entitled and disengaged groups to seek career opportunities elsewhere.

In the new war for talent speed is criti-cal. Waiting as your highest potential tal-ent walk out the door is not a winning strategy for today's high-change business environment.

—Theresa Welbourne is the founder,

president, and CEO of eePulse, an employee

engagement consultancy. She also is editor-

in-chief of Human Resource Management,

the Journal. This article is published with prior

permission from www.cioupdate.com.

Low Urgency Low Urgency Low Urgency Low Urgency

High Valor

High Valor

High Valor

Low Valor

Low Valor

Low Valor

High employee

Value, ownership,

rewards

Low employee

Value, ownership,

rewards

ENTITLED HEROES

High Urgency High Urgency High Urgency High Urgency

DISENGAGED NEGLECTEDWARRIORS

Figure 1: Val-O-U-R 2 x 2 Matrix Figure 2: Result for Leadership Pulse sample Figure 3: Valour 2 x 2 results for information industry classification

Figure 4: Valour 2 x 2 results for technology workers

6% 2% 0%

17% 11% 9%

55% 58% 56%

22% 29% 35%

For the young generation of employees it is important to have

an environment that has a mix of work and fun. Another key factor for employees in this age range is that they are always on the look-out for a value addition in their career chart. I have observed that often, their view of career goals is short term. As a senior it is my responsibility to guide them and give them a larger picture and accordingly mould their future growth.

Also, it is essential to have constant connect with this generation. We must address their grievances and creates a feeling of being wanted.

Your team must be convinced that there is value for them in terms of career opportunities. There has to be a feeling of fairness, transparency and openness across all the employees of the organisation. Training and skill enhancements should be conducted at regular intervals.

Mentoring YOUNG TALENT

Satish PendseCIO, HCC Group and President, Highbar Technologies

BOOSTING PRODUCTIVITYOF KNOWLEDGE

The key is identifying and addressing the

barriers workers face in their daily

interactions.BY ERIC MATSON AND LAURENCE PRUSAK

Are you doing all that you can to enhance the productivity of your knowledge workers? It’s a simple question, but one that few senior executives can answer.

Their confusion isn’t for lack of trying. Organisations around the world struggle to crack the code for improving the effectiveness of managers, sales-people, scientists, and others whose jobs consist primarily of interactions—

with other employees, customers, and suppliers—and complex decision making based on knowledge and judgment. The stakes are high: raising the productivity of these workers, who constitute a large and growing share of the workforce in developed economies, repre-sents a major opportunity for companies, as well as for countries with low birth-rates that hope to maintain GDP growth.

Nonetheless, many executives have a hazy understanding of what it takes to bolster productivity for knowledge workers. This lack of clarity is partly because knowledge work involves more diverse and amorphous tasks than production or clerical positions, where the relatively clear-cut, predictable activities make jobs easier to automate or streamline. Like-wise, performance metrics are hard to come by in knowledge work, making it challenging to manage improvement efforts (which often lack a clear owner in the first place). Against this backdrop, it’s perhaps unsurprising that many companies settle for scattershot investments in training and IT systems.

Since knowledge workers spend half their time on interactions, our research and experi-ence suggest that companies should first explore the productivity barriers that impede these interactions. Armed with a better understanding of the constraints, senior executives can




WWWWWWOOOOOOOOOOOOWOWWWOWOWOWWWOWWOWWWOWOWOWWWOWWOWWWOWOWOWWWOWWOWWWOWOWOWWWOW KKKKKKEEEEEEEEEKEKKKEKEKEKKKEKKEKKKEKEKEKKKEKKEKKKEKEKEKKKEKRRRRRROROOOROROROOOROOROOOROROROOORO KRKKKRKRKRKKKRKKRKKKRKRKRKKKRKRRRRRREREEEREREREEEREEREEEREREREEERE SSSRSRRRSRSRSRRRSR

get more bang for their buck by identifying targeted productivity-improvement efforts to increase both the efficiency and effective-ness of the interactions between workers.

Among companies we’ve surveyed, fully half of all interactions are constrained by one of five barriers: physical, technical, social or cultural, contextual, and temporal. While individual companies will encounter some obstacles more than others, our expe-rience suggests that the approaches to over-coming them are widely applicable.

Physical and technical barriersPhysical barriers (including geographic distance and differences in time zones) often go hand in hand with technical bar-riers because the lack of effective tools for locating the right people and collaborating becomes even more pronounced when they are far away. While these barriers are on the wane at many companies given the arsenal of software tools available, some large, glob-ally dispersed organisations continue to suf-fer from them.

One remedy implemented by some organisations is to create “communities of practice” for people who could benefit from one another’s advice—as the World Bank has done to help the 100 or so of its plan-ners who focus on urban poverty to facilitate discussions on projects to upgrade slums. The communities feature online tools to help geographically dispersed members search for basic information (say, member roles and the specific challenges they are addressing) and sometimes use the latest social-networking tools to provide more sophisticated information, including whom the members have worked or trained with. By supplementing electronic tools with videoconferences and occasional in-person meetings, communities can bridge physical distances and build relationships.

Social or cultural barriersExamples of social or cultural barriers include rigid hierarchy or ineffective incen-tives that don’t spur the right people to engage. To avoid such problems, Petrobras, the Brazil-based oil major, created a series of case studies focused on real events in the company’s past that illuminate its val-ues, processes, and norms. The cases are discussed with new hires in small groups—

bian gas and oil company, have found that technical forums not only break down the natural barriers between occupations but also facilitate knowledge sharing across geo-graphic boundaries. Moreover, the forums build trust, which encourages employees to share information more freely.

The barrier of timeThe final barrier is time, or rather the per-ceived lack of it. If valuable interactions are falling victim to time constraints, executives can use job roles and responsibilities to help identify the employees that knowledge work-ers should be interacting with and on what topics. In some cases, companies may need to clarify decision rights and redefine roles to reduce the interaction burden on some employees while increasing it on others.

Boston-based Millennium Pharmaceu-ticals, which develops drugs for cancer treatment, did just that. When it found that researchers didn’t have time to share lessons from their experiments, it created a small group of scientists to act as “knowl-edge intermediaries.” Based on meetings with company scientists as well as presenta-tions, these employees summarise findings and submit them to an internal database. They also act as brokers by sharing knowl-edge across groups. The company reckons that this practice, combined with other initiatives, has boosted success rates for the company’s research and reduced the time needed to make key decisions. — Eric Matson is a consultant in McKinsey’s

Boston office; Laurence Prusak is a visiting

scholar at the University of Southern California

Marshall School of Business and a former

senior adviser to McKinsey.

This article was first published in September

2010 on The McKinsey Quarterly Web site,

www.mckinseyquarterly.com. Copyright

© 2010 McKinsey & Company. All rights

reserved. Reprinted by permission.

If valuable interactions are falling vic-tim to time constraints, executives can use job roles to help identify employees that knowledge work-ers should be interacting with.




promoting a better understanding of how the organisation works and encouraging a culture of knowledge sharing and collabora-tive problem solving. (To benefit further from such approaches, companies should include knowledge sharing in performance reviews and ensure that team leaders clearly commu-nicate acceptable response times for informa-tion requests. The communities of practice described above can help too: employees are far more likely to give timely and useful responses to people in their network.)

Contextual barriersEmployees who face contextual barriers struggle to share and translate knowledge obtained from colleagues in different fields. Complex interactions often require contact with people in other departments or divi-sions, making it hard for workers to assess a colleague’s level of expertise or apply the advice they may receive. Think of the dis-connect that often occurs between a compa-ny’s sales department and its product-devel-opment team over customer data. The two groups frequently struggle to communicate because they think and talk so differently about the subject (sales staff devote atten-tion to customer insights while developers focus on product specifications).

To overcome contextual barriers, organisa-tions can rotate employees across teams and divisions or create forums where specialists in different areas can learn about one anoth-er’s work. The US National Aeronautics and Space Administration (NASA), for instance, holds a biannual “Masters Forum” to share knowledge across disciplines. About 50 employees from different parts of the agen-cy attend the meetings to hear other NASA colleagues talk about the tools, methods, and skills they use in extremely complex projects. The sessions are lightly moderated and very interactive.

Similarly, managers at Ecopetrol, a Colom-

NEXTHORIZONS

Social Networking Woes: Is your corporate data at risk? Pg 38

FEATURES INSIDE

The war is over and, in case you missed it, IT lost. The once ferocious attempt to guard the corporate perimeters against unapproved devices and

applications is sputtering to an end because, frankly, all but myopic IT diehards recognise this is battle that's already over.

“Workers are adopting the tools they believe will help them get their jobs done,” said Chris King, a spokesperson at security firm Palo Alto Networks. He added: “It’s foolish for an IT executive to stand in the way. The benefits cannot be denied and besides the workers will just figure out a way around you anyway.”

Gary Curtis, chief technology strategist at Accenture, corroborated this: “Employees absolutely want to choose what technologies they use in the workplace. In fact, an Accen-ture survey of the millennial generation, those aged 18 to 27, revealed that one-third of the respondents said they expect not only to use the computer of their choice, but also to access the technology applications of their choice – 32 percent and 34 percent respectively.”

And it will only get worse. In research conducted for Unisys, workers expressed a staggering employee willingness to pay for their devices if they got to choose them. Reports Unisys: “Nearly one-third (32 per-cent) said that they would be willing to pick

Tweeting at WorkTop 10 mainstream apps/devices infiltrating the organisation. BY ROBERT MCGARVEY

ILLU

ST

RA

TIO

N :

SA

NT

OS

H K

US

HW

AH

A



up the full cost. Twenty-one percent said that they would pay up to half of the cost, and another 21 percent said that they would fund up to 30 percent of the cost.”

This is not just hypothetical, it is already happening. Ahmed Datoo, VP of Market-ing for Zenprise, which develops tools to manage enterprise mobile devices, said that perhaps caused by tight budgets and the recession, more businesses are actively encouraging employees to bring their own devices to work, especially mobile phone and tablet computers.

That might save money but it raises security issues. For instance, employees understand their employer will wipe their BlackBerry if they are terminated. But wip-ing their iPhone with its personal photos, IMs, music library? Not so fast. There are real problems raised by the consumer devices for the enterprise, in other words, but it is happening regardless. (Zenprise and its competitors are deploying selective-wipe tools to zero in only on business-owned data.)

So, what devices should you be alert to? Here’s a round-up of the top 10 devices/tools tagged by security experts as most likely to be snuck into enterprise, with or without IT’s permission:iPhone - Probably public enemy No.1 as senior-level executives have bought iPhones, then demanded IT support them. What are you going to say besides, yes, sir?iPad - “A huge topic of conversation,” said Datoo, but not that much of a security worry because its ability to interface with enterprise grade apps is limited.Mac computers - A surprise on the list but as Apple picks up iPhone and iPad users, some of them want to also use Apple com-puters, said security firm Safend's VP of Product Management, Edy Almer. He pointed to surveys that show as many as two-thirds of large enterprises reporting they expected to see big jumps in Mac deployment.Android phones – These devices continue to win enterprise fans, said Jason Wong, Product Marketing manager for Antenna Software, a developer of mobility tools. But, Android, as currently configured, has less built-in enterprise grade protection than do

iPhones and BlackBerries. Companies may need to build out their own Android secu-rity enhancements.Skype - The go-to favourite of road warriors calling home but now more IT execs report increased Skype use inside the company. Sometimes this is driven by department managers who want to push down expens-es. There's also Google Voice.Google Talk - Or pretty much any other IM tool. Increasingly essential to millennial, who may prefer IM over email, certainly over making voice calls. Every company

needs a flexible IM policy, said the expertsGMail - Nowadays when employees grumble about the corporate servers (anything from lost email to delivery delays and file size limit barriers), they are likely to act, by ditching the cor-porate email and switching to a personal GMail account. The only way to fight back is to beef up in-house email.

Twitter - There’s no stopping micro-blogging because even if it is blocked on desktop computers, employees can do it from mobile phones. With Twitter, the main concerns are inappropriate disclosures (revealing product secrets or violating SEC rules). Education is the cure.Facebook - Same as for Twitter, though

Facebook raises more security issues (mal-ware camouflaged as friendly apps, for example).Location-based services (LBS) (Four-square, GoWallah, etc.) - “LBS are changing the social media landscape,” said Paul Liu, CIO at IT consulting firm Freeborders. But can LBS notifications themselves may reveal corporate secrets -- possibly. Employees need to know when it is better to turn these tools off.

Are all these tools potentially frightening? Do they pose security risks? You bet. But the IT mission today is to find safe ways to inte-grate these technologies (often with limits) into the IT infrastructure; having accepted that just saying “no” is not an option.

— Rob McGarvey has written over 1500 arti-

cles for many leading publications—from NY

Times to Harvard Business Review. McGarvey

covers CEOs, business, high tech, human

resources, real estate and the energy sector.

This article is published with prior permission

from www.cioupdate.com

CO N SUM E R T E CH N E X T H OR I ZO N S

32%EMPLOYEES

WANT TO USE THE

COMPUTER OF

THEIR CHOICE

Employees understand their employer will wipe their BlackBerry if they are terminated. But wiping their iPhone with its personal photos, IMs, music library? Not so fast. There are real problems raised by the consumer devices for the enterprise, but it is happening regardless.



Social Networking WoesIs Your Corporate Data at Risk? BY SIMON HERON

The need for secure use of social networking applica-tions while at work is something that we at Network Box have discussed regularly.

We recently published data which demonstrates how much employees love to access social

networks while at work, and our free security guides on Facebook and Twitter suggest ways in which business owners can mitigate the risk involved in allowing access to these websites.

PricewaterhouseCoopers (PwC) has just released a study which reveals that only 32 per cent of firms moni-tor their employees’ use of social networking sites, a fig-ure which is dismal enough, but when you consider that PwC also noted that only 31 per cent of UK firms would be spending more money on data security you would be forgiven for wondering if these businesses take their net-work security seriously at all.

There is often a business case for allowing social network use at work. These sites are increasingly being used for business purposes and so blocking them may not be the answer for everyone.

But businesses should only allow access to these sites if they have the safeguards in place. Social networking can be great for

communicating over long distances and at great speed, but viruses and Trojans can be sent, received and installed on your network with similar immediacy.

If the ever-growing list of social networks and applications undergo no real scrutiny from busi-nesses the breach in the defenses of corporate

networks will come under even greater assault as hackers, phishers and fraudsters exploit employees

to take control of business networks.Businesses need to be investigating how they can protect

themselves from existing threats from social networks, and ensuring that they are defended against new threats as and when they arise.

Then there are attacks on the applications that allow us to make and receive voice and video calls online. Toll fraudsters use Ses-sion Initiation Protocol – or SIP – (which many networks use to control multimedia activity) to defraud businesses out of huge sums of money.

Many businesses wrongly assume that they must be protected from such fraudulent activity because they have locked down their IP private branch exchange to their SIP provider, but all this does is effectively ‘out source’ their security posture to the SIP trunk provid-

er whose attitude to security is very likely to very differ-ent to their own. (Those in any doubt over the extent of toll fraud need only look at the $55 million toll fraud ring that was shut down by the US government in June 2009).

In short, the threat from social networks and applica-tions is growing and businesses know it. The difficulty seems to be in persuading those in the boardroom that the risk the business is being exposed to is worth invest-ing in strong and flexible data security solutions.

With the FSA handing out increasingly large fines and the ICO being given not just fines of up to £500k but also the ability to jail those responsible, it is probably

time to look anew at security to ensure companies are safe.

—This article is published with prior permission from www.infosecis-

land.com

Is Your Corporate Data at Risk? BY SIMON HERON

The need for secure use of social networking applica-tions while at work is something that we at Network Box have discussed regularly.

We recently published data which demonstrates how much employees love to access social

networks while at work, and our free security guides on Facebook and Twitter suggest ways in which business

communicating over long distances and at great speed, but viruses and Trojans can be sent, received and installed on your network with similar immediacy.

If the ever-growing list of social networks and applications undergo no real scrutiny from businesses the breach in the defenses of corporate

networks will come under even greater assault as hackers, phishers and fraudsters exploit employees

to take control of business networks.Businesses need to be investigating how they can protect

themselves from existing threats from social networks, and ensuring that they are defended against new threats as and when they arise.

Then there are attacks on the applications that allow us to make and receive voice and video calls online. Toll fraudsters use Session Initiation Protocol – or SIP – (which many networks use to control multimedia activity) to defraud businesses out of huge sums of money.

Many businesses wrongly assume that they must be protected from such fraudulent activity because they have locked down their IP private branch exchange to their SIP provider, but all this does is effectively ‘out source’ their security posture to the SIP trunk provid

er whose attitude to security is very likely to very different to their own. (Those in any doubt over the extent of toll fraud need only look at the $55 million toll fraud ring

N E X T H OR I ZO N S SO CI A L N E T WO RK I N G



32%OF FIRMS

MONITOR THE

USE OF SOCIAL

NETWORKING

SITES

ILLU

ST

RA

TIO

N :

JO

FF

Y J

OS

E



N O H O LDS BARR E D PE RSO N ' S N A M E

INFORMATIONROAD TO

This year EMC completed its 10 years in India. EMC has come a long way from being a storage box pusher to a preferred information management partner. Manoj Chugh, President India and SAARC, EMC Corporation in an exclusive conversation with Rahul Neel Mani talks about how the company grew both in size and stature. We bring to you this conversation in two parts. Here is part one:

MANAGEMENT



M A N OJ CH U G H N O H O LDS BARR E D

The emergence of storage as the lifeline of information

infrastructure in Indian enterprises is known to everyone. What has been the role of EMC in the last ten years? Where this industry was and where it is today, a lot of water has flown under the bridge. The development has never been chronicle. Tradition-ally, Indian IT has been a lot more focused on outsourcing. When we look at the domestic IT Industry, very little attention has been given to the decisive shifts that have occurred due to the deployment of technology which delivered value. India is one of the few markets where domestic IT players work more overseas and that’s why foreign IT vendors like us play a pivotal role in shaping the destiny of Indian industry. EMC was a very late entrant in the Indian market. In the last 10 years that EMC has been in India, it has helped the Indian enterprises tremendously in shaping their information infra-structure. In the year 2000, EMC entered in India with selected tech-nologies and a few large customers. It remained same for the next three years. In 2003 EMC announced US$ 100 million investment in India. The key goal was to grow the Network Attached Storage (NAS) market that didn’t even exist as a category. It wasn’t easy for us to speak in a language which Indian enterprises weren’t familiar with. NAS, at that time was just 35 percent of market. Direct Attached Storage (DAS) ruled it with 65 percent. Organisations, at that time, were more focused on technology than their information infrastructure. The slow growth of information was another factor which determined the usage of net-work attached storage.

There has been a dramatic change in the last five years. NAS today com-mands 85 percent of the external storage market and EMC is singu-larly responsible for this shift. It was an unprecedented event.

According to you, EMC is to be given the credit of intro-

ducing network storage in India. Why weren’t the other players able to capitalise on it? At that time, the industry focused on technology and not on information. IT companies were helping organisa-tions computerise and thus offered a full suite of technologies, products and solutions. EMC is a specialist company. Our job was to educate the organisations about the importance of their information and deploy the right set of infrastructure to store, protect and access information. EMC has been at the forefront of informa-tion and thus we were able to con-vince that there needs to be an infra-structure approach to information rather than a tactical approach. The first sector that resonated well with our value proposition was telecom because of the enormous growth of customer data and thus the need for an information infrastructure. Network Storage, in its initial phase, was driven by the telecom sector. After deploying and stabilising on the Core Banking System (CBS) even the banks have taken the infrastruc-ture approach to their information to manage and protect the latter.

Apart from educating the Indian enterprises on information infra-

structure, EMC focused on forging strong partnerships. Seven years ago EMC had customers in just three cit-ies. Today we have customers in 80 cities. Without the partners and their ability to scale, we would not have been successful. A few years ago we involved academia in this. Approxi-mately 150 educational institutions in India today offer Information Management and Technology as part of their curriculum. EMC has helped in both designing curriculum and training the faculty.

Another thing why EMC was able to tap a lot of the Indian market was due to its ability to tap the tal-ent. We reorganised our business almost every 18 months. At one point we had just two segments – enterprise and commercial. Then sensing demand, we changed our strategy and divided businesses according to geography.

A lot of acquisitions have made EMC’s portfolio look

huge suddenly. How do you derive value from these acquisitions? EMC is a very acquisitive company. We have acquired many technology companies over the past few years. One thing that goes slightly unno-ticed is our ability to utilise the avail-able talent from those companies.

EMC may have started as an enter-prise storage company but soon it expanded the market segments. From 2005-06 the company started addressing mid-market segment with products which had features of very high end systems.

With our acquisitions like Legato, Documentum and RSA, we have been able to deliver a significantly higher value to the customers, which also helped us in getting into the newer market segments.

There were a few areas left which EMC didn’t address – specifically in the consumer space. But with the acquisition of Iomega, we have started delivering the EMC value in that segment as well.

Of late there has been a lot of buzz

“NAS today commands 85 percent of the external storage market and EMC is singularly responsible for this shift.”

DOSSIER

COMPANY:EMC Corporation

INDIA LAUNCH:

2000

SERVICES:

Information

Management



N O H O LDS BARR E D M A N OJ CH U G H

around data backup, recovery and archival using the data deduplication technologies. EMC’s acquisition of Data Domain has filled in this gap very successfully.

In the last many years, EMC has moved away from a single technology – select customer syndrome to an end-to-end player cutting across consumers, midmarket and high end systems. Also, it has moved away from core storage technology to the larger information infrastructure domain including back-up, recovery, archival, deduplication etc.

How does VMware gel with the current business strategy of EMC?

From a go-to-market perspective, VMware is a partner of EMC. Our products, solutions and technologies weave very well in virtualised environment. Going forward as we help cus-tomers deploy private cloud, our ability to work with virtualisation technologies like VMware will play an important role in helping custom-ers leveraging their infrastructure better.

What has EMC done to ensure timely support to their customers

in India? In seven years, we have grown from merely three cities to 10 cities. Setting up a services footprint for these cities wasn’t easy. Today EMC has more than 15 spares and logistics centres across India. We have over 200 engi-neers providing implementation support and services to the customers. EMC has over 1500 customers in India today, which exclude the Iomega customers.

All in all it has been a momentous jour-ney. In terms of investments, there have been four announcements so far. In 2003, when EMC for the first time invested US$ 100 million in the Indian market, there has been significant increment on that front. The 100 million became US$ 250 in the second round in 2005. In year 2006 it was US$ 500 million and last year EMC made its single biggest announcement taking the investment to US$ 2 billion.

How has the company reacted to customers demands?

One secret that can ascribe to this huge suc-cess is our ability to remain close to our cus-tomers. Everything that we did was directed by our customers. We listened and acted upon our customers’ advice. Initially our cus-tomers hesitated to buy EMC because of the prohibitive costs. A lot of them told us to be more affordable. Based on the feedback, in 2004 EMC launched 12 new affordable prod-ucts. Majority of those products were focused on mid-market. Those arrays were fitted with advance features but within customer bud-get. It was a remarkable shift, which allowed us to go after a market which was otherwise out of our reach. Customers felt they were heard. That was also the first time that EMC introduced a range of products which were not just storage but also backup, recovery etc. – the whole range of information manage-ment. The journey continues even today. —[email protected]

Interview continues in the next issue...



POINTS5

STEP 1: Meet and tell

your team

STEP 2:Examine team leader

compensation

STEP 3:Begin a talent

exchange

STEP 4: Be the facilitator

STEP 5: Publicly acknowledge

efforts

How to identify the 10 telltale signs and head off damaging information bottlenecks. BY DIANE L. KATZ

DISMANTLING

PH

OT

O:

PH

OT

OS

.CO

M

SILOS



at all or receive inadequate resources.

8 When you tell your managers that ser-vice levels coming from your organisa-

tion are inconsistent, you get finger-point-ing and a lack of accountability.

9 A manager who is a team player appears unhappy or doesn’t stay.

10 Your internal customers line up behind one of your managers or

another—rooting for opposing teams.

One Organisation’s Very Tall SilosHere’s an example of how silos can lead to poor decision making. Let’s look at a large organisation with more than 10,000 employees whose CIO has been in the job for four years. There are five direct reports in a matrix organisation built around inter-nal client groups, development, support and service.

The CIO meets with the team infrequent-ly— perhaps once every six to eight weeks. Some significant layoffs have occurred over the past three years, so resources are slim. The direct reports meet without the CIO once a month, at the CIO’s request, and he thinks this is enough to enable teamwork.

The five direct reports would all like the CIO’s job one day, but the CIO has given no indication that anyone is being consid-ered. Instead, he tacitly encourages internal competition. Now that resources are at a premium, there is a constant jockeying for

people and budget. Each direct report meets with the CIO indi-vidually and pleads his or her case. The CIO doesn’t respond to any of them, instead encour-aging them to resolve it among themselves.

The CIO has pet projects, based in part on the preferences of the president, and these get a boost in resources. Instead of letting everyone know how resources are being allocated, the

CIO makes decisions in private and does not openly discuss the rationale.

Because of this, the direct reports are more and more mistrustful of each other. They think that their meetings without the CIO are a waste of time because the “real” business is done in their one-one time with the CIO. At first, there was open discussion of issues but as mistrust grew, less infor-

Resources are certainly less abundant than they had been. And resources can mean people, materials or budgets—anything that is needed to get the job done. One manager does not have enough resources to handle the workload, but another manager chooses not to share his or her resources. Yet, they are both working toward the same overall goals. It could be that one manager needs an additional person in his or her group. The manager on the other team sends over the lowest-performing employee. When the receiving manager sees that this newest member is a poor performer, he or she loses trust in the other manager.

Another cause of silos is when one leader instructs a team—directly or indirectly—to mistrust another group. The danger here is that such mistrust can grow so intense that two divisions end up being more com-petitive with each other than they are with external competition. Internal competition can be motivating, but not at the cost of organisational goals.

10 Telltale Signs of SilosSilos are deadly to the overall results of an organisation when they adversely affect the consistent flow of information. Perhaps one manager does not get the information that is needed to get the job done. Or, worst case, misinformation is transmitted from team to team. It is easy to see how this can under-mine a business.

All departments and clients want their systems to be state of the art, and they want it now. As the CIO, you and your IT staff are pulled and pushed to deliver. At times, one division puts pressure on you or your staff to work harder for them and less hard for another division. That puts undue stress on your employees and on you.

Silos grow in their destructiveness when senior management either is not aware of how rampant they are, or chooses to look the other way, hoping the problem will go away on its own. The first step toward dismantling your silos is spotting them. Here are the 10 telltale signs that let you know that your organisation is run-ning amok with work silos:

1Managers never come up with collaborative solutions.

2 One manager badmouths another consistently.

3 People complain that they don’t have the information

they need to get the job done.

4 When errors occur, everyone blames everyone else for the mistakes, rather

than taking responsibility for their actions.

5 You hear complaints that your organisa-tion has unfair pay practices.

6 There is minimal or no exchange of talent between teams.

7 Your managers complain that when ask-ing for resources, they either get no help

When I think of silos, I think of driving down a road outside Chicago, where such structures stand tall, seemingly independent of what is going on around them. Relate that image to corporations with a division or a team that stands walled off from what is happening inside other divisions or teams. Our current economic situation seems to be driving the increasing formation of work silos, resulting in a lack of communication and cooperation between two entities in the same business at a time when such collaboration is needed more than ever.

T E A M M A N AG E M E N T T E CH F OR G OVE R NAN CE

TELLTALE SIGNS

THAT LET YOU

KNOW THAT YOUR

ORGANISATION IS

WORKING IN SILOS

10



facilitator; do not be the decision-maker.

6Publicly acknowledge efforts that suc-ceeded through collaboration.

7Develop a decision-making process for the allocation of resources, and let every

team member know what that process is. Be transparent about pet projects.

8 If there are poor performers on any of your teams, encourage managers to

coach, train or fire them, rather than hand them off to each other. Monitor movement among teams in your organisation to ensure that this happens.

You can still encourage internal competi-tion. Just make sure the competition doesn’t get in the way of meeting organisational goals. Silos may be good on the farm, but they don’t work in the office.

—Diane L. Katz, Ph.D., is president of The

Working Circle (www.TheWorkingCircle.com).

This article is printed with prior permission

from CIO Insight.

mation was openly discussed.Over a six-month period, there was open

disagreement without resolution—and even some misinformation. The group was dete-riorating, and it filtered down into the ranks. Members of one team began bad-mouthing another group. Bottom line: People were wasting time and precious productivity.

Steps for Eliminating SilosIf this example sounds a bit like what’s happening in your organisation, take heart. Fixing the silo problem takes time, and you need to be consistent. Here are some steps you can take:

1Meet with your team and tell them that you are fully aware of what is happen-

ing, that you want all of them to function as a team, and that you will be taking various steps to ensure that this will happen.

2Examine the compensation plans of your team leaders. Are they being paid

to cooperate or compete? If it’s the latter,

you need to explain that they will be evalu-ated mostly on their cooperation, not on competitiveness, which can be destructive.

3Meet with your team at least once a month and ask questions, such as:

a. “What collaborative teamwork have you used to help various projects succeed?”b. “Do all the players have sufficient infor-mation to get their jobs done?”c. If the responses are “none” or “no,” it’s your job to analyse how information can flow better and faster. But do not get into who is wrong.

4When appropriate, begin a talent exchange between managers. This will

make your organisation more attractive to employees, will support cross-training and will expand the knowledge base in your organisation.

5If one of your managers complains about another one, bring them both into

your office, sit them down and explain that you want them to settle their issues. Be the

The Security vs. Access ParadoxDelicate balance between network security and user access. BY MATT SWANSON

one weighs against the other. The key to effective network adminis-tration is finding and maintaining the right balance.

The IT department typically places greater emphasis on the secu-rity side of the ledger, which is to be expected because data protec-tion involves concepts, techniques and technologies that are not well understood by most members of the organisation. Ensuring the pro-tection of sensitive company data and applications is a responsibility that can’t be taken lightly.

What’s more, network security isn’t just an imperative business practice, it’s the law. A growing number of federal, state and indus-try regulations require that organisations take measures to protect data from destruction, loss, unauthorised alteration or other misuse. Failure to do so can result in stiff penalties and costly litigation.

There is only one foolproof way to protect your networked computer systems against electronic snooping, hackers, unauthorised access, stolen passwords, denial-of-service attacks and other security breaches ... unplug them.

That clearly isn’t a practical solution. In fact, most companies these days are compelled to open their systems to people inside and outside their organisations in order to do business effectively. The evolution of modern business has created increased dependence on network-based assets for everything from e-mail and customer con-tacts to order fulfilment and billing.

This demand creates a paradox for CIOs and IT administrators.While networks exist for the purpose of sharing information, every

open avenue for network access is a potential security gap. Access and security are always at opposite ends of the scale – too much of

T E CH F OR G OVE R NAN CE T E A M M A N AG E M E N T

Changing focusOver the years, IT has traditionally focused on perimeter-based security, with firewalls, access controls, intrusion detection solu-tions and other measures designed to create a wall around the network. However, the rapid growth of virtualisation, cloud com-puting, mobility and wireless technologies is making it nearly impossible to establish a hard perimeter anymore.

New technologies have fundamentally altered IT’s customer base, as well as user expectations of what IT should deliver. An increasingly mobile and outsourced user community means IT must provide net-work and application access to a dynamic workforce with differing needs and operat-ing from numerous locations. In addition, the proliferation of smartphones, netbooks and hosted applications has made workers less reliant upon their employers for their technology needs.

More and more employees are making their own buying decisions about the devic-es and applications to maximise productiv-ity, and they naturally want the IT support that will help them do their jobs.

This trend obviously imposes significant burdens on the IT department. It’s hard to manage equipment you don’t own, and harder still to secure and support a diverse collection of hardware and software that is literally changing every day. The natural incli-nation is to lock down the network and pro-hibit the use of all devices and applications not expressly sanctioned by the organisation. However, this is precisely where IT must walk a fine line.

With all security policies and practices, there is naturally going to be some tradeoff between ease of use and safety. However, secu-rity measures can be counter-productive if they are too severe. Just as people will prop open a locked door when it meets their needs, users will find ways to circumvent security policies and procedures they perceive as too cumbersome or that prevent them from accessing the network resources they need.

If you don’t believe it, see how many employees keep a copy of their network pass-word hidden underneath their keyboard.

It’s a simple fact that if people think net-work security is keeping them from doing their jobs, they will seek the services and access they need from a less secure source. They will install their own software, down-load shareware, buy a laptop connect card or an AirCard, and get on their smartphone or iPad and start doing business. You may have a very secure network, but if your customers are constantly finding workarounds then you have won the battle but lost the war.

Cooperative effortSo how does an organisation balance its security imperatives against user access needs in this era of distributed and open networked systems?

Certainly, it’s vital to have a comprehen-sive strategy in which a variety of measures -- including firewalls, intrusion prevention, VPNs, VLANs, endpoint security, and more -- are synchronised to create a globally dis-tributed defense. But technology is only part

of the answer.Most important, and more

difficult to achieve, is the cre-ation of comprehensive and understandable security poli-cies developed in concert by the folks who run the network and the ones who have to use it. IT administrators have to make a conscious effort to meet with their customers, internal and external, to find out what they need to do their jobs.

It isn’t easy. In fact, it can be a downright painful process. IT’s customers – the people who actually do the business of the business -- are usually not very security-savvy. They know where to click and they know how to

use the tools they need for their jobs, but they don’t understand what goes on behind the scenes. On the other hand, most net-work experts never really understand their customers’ jobs and what they need to work efficiently. The lack of communication and understanding between the two groups can lead to some hostility.

With two-way communication, IT can understand how network modifications can help customers do their jobs, and users can understand why certain restrictions are nec-essary to keep the network secure.

Through the use of questionnaires and interviews, CIOs can gain insight into the organisation’s culture and its ability to meet various security standards and requirements. IT must also share complex security prin-ciples in a simple manner. Policies that are overly technical and difficult to understand can actually be a barrier to effective security.

This two-way communication provides a crucial starting point in the development of an effective security policy that provides maximum security with minimum impact on user access and productivity.

It isn’t a “one-and-done” process, however. Because organisations are constantly chang-ing, security policies must be updated regu-larly to reflect new business directions, tech-nology upgrades and resource allocations. In the end, even the most comprehensive security policy is ineffective if users won’t support or comply with it.

Striking a balance between security and access is the best way to avoid unplugging the network or customers unplugging from your IT office. —Matt Swanson is principal consultant for

Emtec Federal Services. This article is printed

with prior permission from www.cioupdate.com.

“More and more employees are making their own buying decisions about the devices and applications to maximise productivity.”

75%COMPANIES

CONSIDER GRC TO

BE A TOP PRIORITY

IN THEIR SECURITY

LANDSCAPE



S E CU R I T Y T E CH F OR G OVE R NAN CE

PH

OT

O:

PH

OT

OS

.CO

M



a light bulb, a toilet seat, or a fork. The question is not merely how and when it was invented, but why was it invented to start with? What made us realise the need for an instrument having two or more prongs or tines, for holding, lifting food?

While reading the history of inof-fensive things we possess in our homes, the book reminded me of the omnipresent mobile book vendors who sell titles like “Astonishing facts you may not know” by reading out excerpts from the book - What makes leaning tower of Pisa lean? This book being from the desk of Bill Bryson it surely isn’t purely about facts unlike other I-would-shower-you-with-facts-till-your-eyebrows-go-vertical books.

It’s about storytelling with brushes of alluring humour and jaw-dropping ‘rats-have-sex-up-to-20-times-a-day’ facts. The book is breathtaking in its scope: be it histories of indoors lighting, of the clergy in England, of building materials, of food preserva-

THERE'S only one guy who can make history sound like a full moon party on Koh Phangan Island - Bill Bryson. One would have to thank Bryson’s state of doldrums (when he’s at home) for his latest masterpiece.

Titled ‘At home: A short history of private life’ (it could so easily have been named ‘At a British Home’), the book is a diligent and system-atic investigation into the history of whatever constitutes an English-man’s house. The plot is his house, a former rectory in Norfolk. He goes around with an avid eye for every minute detail. Say, something as innocuous as a staircase. He traces back what made the humankind upgrade from a ladder to a staircase. Why of all the spices do we only have salt and pepper on our dining table? The book documents some beyond-belief facts from the history about things that are so close to us that we, often, take them for granted. Say,

tion, of the effects of the Industrial Revolution or of the cornered toilet seat. The book is best summarised in Bryson’s own words, “The history of household life isn’t just a history of beds and sofas and kitchen stoves, as I had vaguely supposed it would be, but of scurvy and guano and the Eiffel Tower and bedbugs and bodys-natching and just about everything else that has ever happened. Houses aren’t refugees from history. They are where history ends up.”

We recommend the book to anyone who enjoys being at home, intrigued by gentle history and is always inquisitive to know reasons behind why things are called what and what made us invent them to start with. —Anoop Chugh

ABOUT THE REVIEWER

Anoop Chugh

is the assistant

editor of CFO

India Magazine.

You can reach

him at anoop.

[email protected].

Home is where the history is A book that claims everything miniscule in your house has a story to tell. Read it to fall in love with your home all over again.

HIDE TIME | BOOK REVIEW Auth

or: B

ill B

ryso

n“Houses are where history

ends up.”

a light bulb, a toilet seat, or a fork. tion, of the effects of the Industrial

Home is where A book

that claims everything miniscule in your house has a story to tell.Read it to fall in love with your

HIDDENTANGENTTHE AUTHOR IS Executive Editor, CTO Forum GEETAJ CHANNANA

[email protected]



The Phone Support SagaSpeed of change in the mobile space has kept the support team on their toes.

"During the time Nokia and Black-berry were fighting it out – there came the iPhone and changed the game again."

WITH many different kinds of smart-phones in the market – it becomes an IT manager’s nightmare to sup-port all of them. It started with some Nokias and Blackberry offering email on their device. This was the time when there was Blackberry connect for Nokia and users could get their Blackberry email on Nokia’s business phones like the 9300 or 9500.

This is the time when Nokia decid-ed to leave the Blackberry banner and chose to have its own mail offering. They obviously thought they were better. How well has it fared? After about four years of its launch, the Nokia offering is finally getting some traction on their E-series phones – just that it is still far from being a preferred platform.

That, was still not too difficult for the IT department back then. The only thing that they had to do was set up Blackberry servers in some cases. That was nothing in comparison to what was in store for them.

During the time Nokia and Black-berry were fighting it out – there came the iPhone and changed the game again. With a better user experience

the doors to the public cloud even more. But, by this time organisations had realised that this was going out of hand. While some have got third party companies to manage their mobile policies – other have strict guidelines about the devices they can support. But now, they are going to face a dilemma that will be difficult to handle – the Windows Phone 7.

Being launched this week, this device will change the ground rules again. It has got a refreshing new interface – which claims to be a lot more people centric. Better integration with Microsoft Office, Sharepoint and Outlook is also being touted – though without copy/ paste support.

The phone’s interface is divided into hubs rather than being a collection of icons. It relies on the users’ tendency to look for everything with one glance at the phone. The whole screen of the phone is divided into only about six hubs that can be increased by new third party applications.Something extremely exciting to look forward to – and another thing that you may have to support. All the best!

and going forward, an integration with Outlook, it has catapulted into being one of the most preferred platforms.

This also brought a cultural shift where employees started demand-ing support from the device at work. Till this time the employees did not care too much about the device they had – nor were there any compelling consumer devices that gave them the option of doing their work efficiently. The iPhone changed things from ground up.

Now, not only did the IT depart-ment had to support the phone, but they had to increase security on their networks to ensure that the apps and the internet usage from the device did not cause havoc on their network. Usage policies had to be drawn for application and phone usage on office networks and for office emails.

By this time they were support-ing three major formats – Symbian, Blackberry and the iPhone. They were already supporting more oper-ating systems on devices than on desktops in an organisation. Just when they were getting their air back – along came Android and opened

VIEWPOINT



I GET to say I told you so! I recently blogged about battles yet begun about the industry vs. Goliath (Oracle) and how if folks don’t wake up to what Oracle is doing with Exadata, a whole lot of people who love to sell infra-structure are going to be out of luck.

I mentioned Greenplum and Ver-tica specifically as key ingredients to stem the threat–because they can eliminate the need for the heart of Oracle’s attack–the database.

Greenplum builds a database designed from the ground up for mas-sive scale–the kind required by data warehouses and BI systems. They do it far more effectively and a billion times cheaper than systems using the Oracle RDB to keep track of, and pro-vide analysis on everything.

With that in the arsenal, EMC now has a shot to at least stem the tide of Oracle Exadata defections–and even more, can offer a more compelling overall solution to the problems of massive data sets. The issue will be simple–Oracle knows how to sell

about it. Why let Oracle dictate the game? With VMware, Springsource, and Greenplum, one can make some pretty compelling software argu-ments as to why this combination is the face of massive data set manage-ment in the future.

I love the play. Kudos for a brave move. After Data Domain, I’m not going to challenge their ability to pull off the execution again. I’m just dying to see this play out. It’s like a heavyweight fight in the making.Interesting final note – Oracle owns Sun, Greenplum was founded by some Sun folk, Scott McNeally is on the Greenplum advisory board…….

this stuff, EMC (traditional) doesn’t. Oracle DW/BI people speak that lan-guage–to the right buyer–who is not the infrastructure buyer!

The BI/DW buyer is a business apps person–not someone who cares in the least about spinning disk or cache or whatever. EMC will either need to teach their high-end force a new language and the ways of a new customer set, or figure out how to keep that separate from the main-stream as they have done with their other successful software acquisi-tions. My guess is they will do the latter, but I don’t know yet.

Unlike VMware or Documentum, for example, this play directly affects EMC’s bread and butter hardware offerings. When Oracle sweeps the floor with an Exadata deal, they sweep out Symmetrix, HP boxes, IBM, etc., and there really isn’t a heck of a lot to be done about it. This is perhaps why EMC did what they did–and I give them credit for seeing it for what it is and doing something

Welcome to the

ThunderdomeEMC’s Greenplum acquisition

PH

OT

O:

PH

OT

OS

.CO

M

ABOUT THE AUTHOR: Steve Duplessie

is the founder of

and Senior Analyst

at the Enterprise

Strategy Group.

Recognised

worldwide as

the leading

independent

authority on

enterprise storage,

Steve has also

consistently been

ranked as one of

the most influential

IT analysts. You

can track Steve’s

blog at http://www.

thebiggertruth.com

STEVE DUPLESSIE | [email protected]

How to make your team unhappy

Documents

ceo of sap

big impact

ceo of hp

staff whetherthe smallest

oracles ceo

ellison speechless

staff whetherpositive

outspoken oracle ceo